TOS Tracker
Significant Terms of Service, license, and privacy policy changes by software companies. Before/after diffs with red flag indicators.
Updated Data Processing Agreement for EU customers — Schrems II compliance strengthened
Standard DPA referencing EU-US Privacy Shield successor framework. Sub-processors listed but update notifications were optional.
New DPA includes mandatory 30-day advance notification for sub-processor changes, EU-only data residency option at no extra cost on Pro plans, and SCCs updated to latest EU Commission version.
Positive change for EU customers. EU data residency without surcharge is competitive — most providers charge extra. Sub-processor notification gives teams time to assess compliance impact. Applies to all plans including free tier projects with EU region selected.
Gemini API terms clarification — free tier data used for model improvement, paid tier excluded
Gemini API terms were ambiguous about whether paid tier inputs/outputs could be used for model improvement. Free tier training usage was implicit but not explicit.
Explicit terms: Free tier (Gemini API via AI Studio) inputs/outputs used to improve Google models. Paid tier (Vertex AI Gemini) excluded from training with contractual guarantee. Cached content on free tier retained up to 60 days.
Clarification that free tier = training data is now explicit. Developers prototyping on free Gemini API are feeding Google's models. The 60-day cache retention on free tier is longer than competitors (Anthropic: 30 days, OpenAI: 30 days). Move to Vertex AI for production to ensure exclusion.
AI features data usage disclosure — workspace content indexed for Notion AI responses
Notion AI launched with opt-in per query. Content sent to AI partner (Anthropic) per-request only. No persistent indexing of workspace for AI purposes.
Notion AI now indexes full workspace content to provide contextual answers. Index stored on Notion infrastructure (not sent to third-party). Workspace admins can disable per-space. Free tier AI limited to 20 queries/month without indexing.
The persistent index is a privacy consideration for teams with sensitive documents. Unlike per-query AI, the index means all content is pre-processed regardless of whether AI is used. Positive: data stays on Notion infra, not sent to Anthropic until queried. Admins should review which spaces are indexed.
Bandwidth pricing simplification — overage model replaced with hard caps and tier upgrades
Pro plan: 1TB bandwidth with $55/100GB overage. No hard cap — bills could spike unexpectedly on traffic surges.
Pro plan: 1TB bandwidth with hard cap. Exceeding triggers automatic upgrade prompt to Business ($99/month, 2TB). No more per-GB overages but traffic beyond cap returns 503 until upgraded.
Addresses the surprise billing problem that plagued Netlify users. Hard caps prevent $2000 surprise bills but introduce availability risk — sites go down if cap hit. Automatic scaling requires Business tier. Trade-off: predictable bills vs. potential downtime during viral traffic.
Updated SLA for Pro plans — 99.95% uptime guarantee with service credits
Render Pro plan had informal uptime targets but no contractual SLA. No service credits for downtime.
Pro plan SLA: 99.95% monthly uptime. Service credits: 10% for <99.95%, 25% for <99.9%, 50% for <99.5%. Excludes scheduled maintenance (up to 4 hours/month). Must file credit request within 7 days.
Positive addition for teams needing SLA guarantees. 99.95% is competitive with Fly.io and Railway. The 7-day claim window and scheduled maintenance exclusion are standard. Enterprise plan offers 99.99% SLA with dedicated support. Good signal for Render's infrastructure maturity.
Claude acceptable use policy updated — expanded prohibited use categories for agentic systems
AUP covered standard categories: CSAM, weapons, fraud. Agentic use (tool use, computer use) had general guidelines but no specific prohibited patterns.
New AUP sections: autonomous financial transactions prohibited without human confirmation, recursive self-improvement patterns banned, long-running unsupervised agents require heartbeat callbacks. API customers must implement kill switches for agent loops.
Proactive policy update ahead of regulation. Reflects industry learning from agentic deployments. Kill switch requirement is a best practice anyway. No pricing impact. Enterprise customers given 90-day compliance window.
Workers pricing model change — CPU time billing replaces request-based pricing
Workers Paid plan: $5/month includes 10M requests. Additional requests at $0.50/million. CPU time was a soft limit (10ms on free, 50ms on paid).
Workers Standard: $5/month includes 10M requests OR 30 million CPU-ms (whichever exhausted first). CPU-intensive workloads (AI inference, image processing) now billed on actual compute. Overage: $0.02/million CPU-ms.
Request-based pricing was extremely favorable for CPU-heavy workloads. Teams running AI inference or heavy computation on Workers see 3-10x cost increase. Lightweight API proxies and edge functions unaffected. Cloudflare positions this as 'fair use enforcement' for compute-intensive abuse.
Updated dispute handling fees — $25 per dispute regardless of outcome
Stripe charged $15 per chargeback dispute. Fee refunded if merchant won the dispute. No fee for inquiries.
Dispute fee increased to $25 per dispute, non-refundable regardless of outcome. Inquiry-stage disputes now also incur $10 processing fee. High-dispute merchants (>1% rate) face additional $5/dispute surcharge.
Non-refundable dispute fees penalize merchants even when they win. Combined with the inquiry fee, merchants handling fraud-prone verticals (digital goods, subscriptions) see significant cost increase. Stripe Radar ($0.07/transaction) becomes effectively mandatory to keep dispute rates low.
Dev Mode licensing restructured — separate paid seat required for developers
Dev Mode included in Professional plan ($15/editor/month). Developers could inspect and export with view-only access at no additional cost.
Dev Mode now requires separate Dev seat: $5/developer/month on Professional, $10/developer on Organization. View-only users lose Dev Mode access. Teams must purchase Dev seats in addition to editor seats.
Effectively a price increase for cross-functional teams. A team of 5 designers + 10 developers goes from $75/month (editors only) to $75 + $50 (Dev seats) = $125/month. Competitors like Penpot (open source) and Zeplin gain appeal for dev handoff workflows.
Updated fair use policy — CPU and memory limits enforced on Pro plan
Pro plan ($20/month): generous compute with soft limits. High-usage workloads tolerated. No explicit per-service CPU/RAM caps.
Pro plan: 8 vCPU / 32GB RAM per service hard limit. Workloads exceeding limits throttled or require Team plan ($40/month). Crypto mining and sustained 100% CPU usage explicitly banned with automatic suspension.
Fair use enforcement was inevitable after abuse reports. Most legitimate applications fit within 8 vCPU / 32GB. The automatic suspension for mining protects platform stability. Team plan at $40/month is reasonable for compute-heavy workloads. Self-hosted alternatives (Coolify, CapRover) avoid these limits.
Authentication data retention policy — session metadata retained 2 years by default
Clerk retained authentication logs and session data for 14 days on free tier, 90 days on Pro. No long-term retention policy specified.
All plans: session metadata (IP, device, location, timestamps) retained 2 years for fraud detection. PII (email, phone) retained until user deletion. Free tier log access limited to 7 days; data still retained 2 years on Clerk's infrastructure.
2-year metadata retention raises GDPR data minimization concerns. Even if developers delete users from their app, Clerk retains session metadata. EU customers should review their Clerk DPA. The disconnect between log access (7 days) and actual retention (2 years) is non-obvious and creates compliance risk.
Enterprise API usage policy updated — expanded content filtering and output logging
Enterprise API customers had minimal content filtering with zero-retention by default. Custom policies negotiable per contract.
New mandatory safety layer applied to all Enterprise API calls. Output logging retained 7 days for policy compliance review even on zero-retention plans. Custom system prompts subject to automated audit.
Breaks assumption that Enterprise = full zero-retention. The 7-day compliance buffer means regulated industries (healthcare, legal) must update their DPIAs. OpenAI framed as 'safety commitment' but enterprise customers report latency increase from the new filtering layer.
Blob storage pricing restructured — per-operation charges introduced alongside storage fees
Vercel Blob: simple per-GB storage pricing. Read/write operations included in Pro plan allowance. No separate operation charges.
Vercel Blob: $0.15/GB storage + $0.50/million read operations + $4.50/million write operations. Free tier capped at 1GB storage and 10K operations/day.
Aligns Blob pricing with industry standard (similar to R2, S3). High-read applications see cost increase. The operation-based model penalizes chatty applications. Cloudflare R2 remains cheaper for read-heavy workloads with free egress.
Copilot IP indemnity terms updated — coverage limited to Enterprise tier with guardrails enabled
GitHub Copilot Business included basic IP indemnification for code suggestions. Coverage applied when using default settings.
IP indemnity now requires: Enterprise plan ($39/user/month), code referencing filter enabled, and audit log retention active. Business plan ($19/user) gets 'best effort' defense only. Individual plan has no indemnity.
Tiered indemnity creates a compliance gap for mid-size companies on Business plan. The 'guardrails enabled' requirement means disabling the code referencing filter voids your coverage. Companies with IP-sensitive codebases must evaluate whether $39/user is justified by the legal protection.
Atlas Serverless pricing revision — minimum charges and cold-start fees introduced
Atlas Serverless: true pay-per-operation pricing. $0.10 per million reads, $1.00 per million writes. No minimum charge. Scale to zero.
Atlas Serverless: $0.10/million reads, $1.00/million writes (unchanged), but new $5/month minimum per cluster. Cold-start fee of $0.001 per activation after 15 minutes of inactivity. Storage minimum 1GB ($0.25/GB).
The minimum charge and cold-start fee eliminate the 'scale to zero' value proposition. Hobby projects and low-traffic APIs now pay $5/month regardless of usage. Neon (Postgres) and Turso (SQLite) offer genuinely free serverless tiers without minimums. MongoDB's free shared tier (M0) remains but is limited to 512MB.
Updated SOC 2 data retention policy — configurable retention with 90-day minimum
Linear retained all issue data indefinitely. Deleted issues soft-deleted for 30 days, then hard-deleted. No configurable retention.
Configurable data retention: 90-day minimum, up to indefinite. Attachments auto-expire after workspace-configured period (default 1 year). Audit logs retained 2 years on Business plan, 7 years on Enterprise.
Positive change for compliance teams. Configurable retention satisfies SOC 2 and GDPR data minimization requirements. The 90-day minimum ensures operational continuity. Attachment expiration reduces storage costs. Enterprise audit log retention meets financial services requirements.
GPU pricing terms — reserved GPU instances require 30-day minimum commitment
GPU Machines (A10G, A100) available on-demand with per-second billing. No commitment required. Start/stop anytime.
GPU on-demand pricing increased 20%. New reserved GPU tier: 30-day minimum commitment at 40% discount. Spot GPUs introduced at 60% discount but can be preempted with 30-second notice.
On-demand GPU price increase pushes users toward commitments. The spot tier is useful for batch inference and training but unusable for real-time serving. 30-day minimum is short compared to cloud providers (AWS: 1-3 year reserved instances). Good for ML teams needing predictable GPU access without long lock-in.
Log retention policy change — default retention reduced from 15 days to 7 days on Pro plan
Datadog Logging Pro plan: 15-day default retention included. Extended retention (30/60/90 days) available as paid add-on.
Default retention reduced to 7 days on Pro plan. 15-day retention now costs $0.10/GB/month extra. Online Archives (cold storage) introduced at $0.05/GB/month for long-term retention. Rehydration from archives: $0.10/GB.
Halving default retention forces teams to either pay more or lose observability context. Incident investigations often need >7 days of logs. The archive + rehydration model adds cost and latency to retrospective debugging. Teams with compliance requirements (PCI: 90 days, SOX: 7 years) see significant cost increases. Grafana Loki and self-hosted alternatives gain appeal.
New Data Processing Addendum — AI services carved out with separate terms
Single DPA covered all AWS services including Bedrock, SageMaker, and Rekognition. Same data processing commitments across all services.
Separate AI Services Addendum introduced. Bedrock: customer data not used for training (unchanged). SageMaker: shared training data opt-out now requires explicit API flag. Rekognition and Transcribe: content may be used to improve accuracy unless opted out per-request.
Splitting DPA into service-specific addenda adds compliance review burden. The per-request opt-out for Transcribe and Rekognition is operationally complex — easy to miss in a single API call. Bedrock customers unaffected. Review your AWS service usage against the new addendum matrix.
End-of-free-tier migration terms — Hobby databases deleted after 60-day grace period
PlanetScale Hobby tier: 1 free database, 5GB storage, 1 billion row reads/month. Available indefinitely.
Hobby tier sunset announced. Existing databases given 60-day migration window. After deadline: databases suspended for 30 days (read-only export), then permanently deleted. Scaler plan ($39/month) is new minimum.
Massive impact on indie developers and hobby projects. 60-day window is tight for projects with complex schemas. PlanetScale recommended export to self-hosted Vitess or migration to Neon, Turso, or Supabase. The $39/month Scaler plan is expensive for small projects. Many developers cited this as reason to avoid proprietary databases.
Pro plan price increase — $35/mo to $50/mo
Pro plan: $35/mo base. 10,000 MAU included. $0.02 per additional MAU.
Pro plan: $50/mo base. 10,000 MAU included. $0.02 per additional MAU (unchanged). Organizations feature moved from Pro to Business plan ($199/mo).
43% base price increase. Moving Organizations to Business tier ($199/mo) is significant for multi-tenant SaaS builders who were on Pro. Better Auth and Stack Auth gain appeal as free alternatives.
GPT-4o pricing increased — input tokens up 25%
GPT-4o: $2.50/M input tokens, $10/M output tokens. Batch API: 50% discount.
GPT-4o: $3.00/M input tokens (+20%), $10/M output tokens (unchanged). Batch API discount reduced to 40%. New GPT-4o-mini remains at $0.15/$0.60.
First significant price increase for a flagship model. Reverses the trend of consistent price decreases. Pushes cost-sensitive workloads to GPT-4o-mini or open models via Groq/Cerebras.
Platform fee introduced for Stripe Connect Express accounts
Stripe Connect Express: standard processing fees only (2.9% + 30c). No platform fee.
Stripe Connect Express: standard processing + new $2/mo per connected account fee for accounts with <$100/mo volume. Waived for high-volume accounts.
Targets marketplaces with many low-volume sellers. A marketplace with 1000 small sellers now pays $2000/mo in platform fees. Significant impact on gig economy and creator platforms. Paddle and Polar gain appeal.
Hobby plan memory limit increased, pricing adjusted
Hobby plan: $5/mo credit. 8GB RAM limit. 100GB bandwidth. $0.000231/min vCPU, $0.000231/min per GB RAM.
Hobby plan: $5/mo credit. 32GB RAM limit. 100GB bandwidth. Per-minute pricing unchanged. Persistent disk pricing reduced from $0.25/GB to $0.15/GB.
Positive change — higher RAM limit and cheaper storage. Railway consistently improves Hobby tier to attract indie developers. Good competitive response to Render and Fly.io.
Free tier limits tightened — project pausing after 7 days inactivity
Free projects paused after 1 week of inactivity. 2 free projects per organization.
Free projects paused after 7 days of inactivity (unchanged). Limit reduced from 2 to 1 active free project per organization. Database size limit tightened to 500MB from 500MB (unchanged but more strictly enforced).
Minor tightening aimed at reducing free tier abuse. Paid plans unaffected. The 1-project limit is notable for developers running staging + production on free tier.
Compute pricing model changed — autoscaling billing updated
Pay per compute-hour. Autoscaling from 0.25 to 8 CU. Scale-to-zero after 5 minutes inactivity on Free, 10 minutes on Pro.
Pay per active-compute-hour (unchanged). Minimum compute size on Pro increased from 0.25 CU to 0.5 CU. Scale-to-zero timeout configurable (1-60 minutes) on Pro. Free tier limited to 1 branch.
Doubling minimum compute on Pro is a soft price increase. The configurable scale-to-zero timeout is welcome but defaults to 10 minutes. Free tier branch limit pushes preview-per-PR workflows to paid.
Default consumer data retention extended from 30 days to 5 years for opted-in users
Anthropic stored consumer Claude.ai conversations for 30 days unless flagged for trust & safety.
Consumer users prompted to opt in to 5-year retention with model training enabled. Opt-out keeps 30-day retention but is opt-out-by-default for new users.
API users unaffected — API data retention remains 30 days, no training. Change applies to claude.ai web/app consumer product. Free, Pro, and Max tier users all see the prompt. Enterprise and API customers governed by separate contracts.
Updated data retention — Enterprise opt-out for all monitoring
API inputs/outputs retained 30 days for abuse monitoring. No opt-out except Enterprise plan.
API data retained 30 days for abuse monitoring on all plans. Enterprise customers can opt out of all retention including abuse monitoring. New trust & safety transparency report published quarterly.
Enterprise opt-out addresses compliance concerns for regulated industries. The 30-day retention on non-Enterprise plans remains. Quarterly transparency reports add accountability.
Rate limits restructured — free tier significantly throttled
Free tier: 30 RPM, 14,400 RPD. No model-specific limits.
Free tier: 15 RPM, 7,200 RPD. Per-model limits introduced (Llama 3.3 70B: 10 RPM free). Paid tier: dedicated capacity starting $500/mo.
50% reduction in free tier rate limits pushes production workloads to paid. Dedicated capacity model ($500/mo minimum) targets enterprises. Free tier remains good for development and prototyping.
Workers paid plan pricing restructured — CPU time billing model change
Workers Paid: $5/mo includes 10M requests and 30M CPU-ms. Overages: $0.50/M requests + $0.02/M CPU-ms.
Workers Paid: $5/mo includes 10M requests and 30M CPU-ms (unchanged). New: sub-requests now counted separately at $0.10/M. Duration billing introduced for long-running Workers at $12.50/M GB-s.
Sub-request counting is a hidden cost increase for Workers that call external APIs. A Worker making 5 fetch calls per invocation now costs 5x at the sub-request layer. Duration billing targets AI inference and LLM-calling Workers.
Fair Use Policy updated — stricter bandwidth limits on Pro plan
Pro plan: 1TB bandwidth included. Overages at $40/100GB. Fair use policy vaguely defined.
Pro plan: 1TB bandwidth, but 'sustained high bandwidth' subject to review. Fair use policy updated with specific thresholds for image-heavy sites. Bandwidth overages now $55/100GB.
37% price increase on bandwidth overages. The vague 'sustained high bandwidth review' creates uncertainty for media-heavy sites. Coolify on Hetzner becomes more attractive for bandwidth-heavy workloads.
FSL 1.1 — first cohort of code converts to Apache 2.0
All code under Functional Source License 1.1 with 2-year non-compete window.
Code from Sentry 23.5.0 and earlier now Apache 2.0. Newer code still under FSL with rolling 2-year window.
The FSL model working as designed — code automatically becomes fully open source after 2 years. This validates the FSL approach for companies considering it. GlitchTip (AGPL fork) now has more Apache-licensed Sentry code to draw from.
Free tier expanded — 500 databases, 9GB storage
Free tier: 3 databases, 8GB storage, 1B row reads/mo.
Free tier: 500 databases, 9GB storage, 1B row reads/mo. Embedded replicas now available on free tier (was Pro-only).
Aggressive free tier expansion to drive adoption. 500 databases supports per-tenant architecture. Embedded replicas on free tier is significant — enables local-first apps without paying.
Free tier MAU limit reduced from 10,000 to 5,000
Free plan: 10,000 monthly active users. Generous for indie SaaS products in early stages.
Free plan: 5,000 MAU. Pro plan required above that at $25/month + $0.02/MAU over 10k. Existing free-tier users above 5k given 60 days to upgrade.
The 60-day grace period was reasonable, but the halving of the free limit pushed growing indie products into paid tier earlier than expected. Competitors like Better Auth (self-hosted, free) and Lucia Auth gained attention as alternatives.
Notion AI becomes mandatory add-on bundled into Plus plan pricing
Notion AI: optional $10/member/month add-on. Plus plan: $10/member/month. You could use Plus without AI.
Plus plan restructured to include AI features. Price effectively increases. Free tier Notion AI limited to 20 responses. Difficult to separate AI cost from base cost.
Bundling AI into the base plan mirrors Microsoft 365 Copilot strategy. Users who don't want AI are subsidizing it. The free tier's 20 AI responses is a taste-then-paywall approach.
Docker Desktop subscription required for organizations over 250 employees or $10M revenue
Docker Desktop free for personal use, education, small business, and open-source projects. Threshold was 250 employees OR $10M revenue (introduced 2021).
Threshold tightened. Now: 'Pro/Team/Business plans required' for any commercial use beyond strict small-business definition. Audits initiated for non-paying enterprise users.
Docker has been actively auditing companies and demanding back-payment for licenses. Many enterprises moved to Podman, Rancher Desktop, or OrbStack. Docker engine itself (Apache 2.0) remains free — only Docker Desktop is paid.
New usage-based pricing model replaces flat tiers
Flat-tier pricing: Free, Pro ($25/mo), Enterprise. Fixed limits per tier.
Usage-based: Free tier with limits, then pay-per-use for function calls ($0.25/M), database storage ($0.20/GB), bandwidth ($0.10/GB). Pro plan includes base allocation.
Shift to usage-based pricing creates unpredictability for high-traffic apps. Real-time sync features generate many function calls — costs can surprise. Similar to Firebase's pricing surprise pattern.
Free Starter plan event limit reduced from 50M to 10M events/month
Starter (Free): 50M events/month. One of the most generous free tiers in analytics.
Starter (Free): 10M events/month. Growth plan pricing increased. Existing free users given 90-day grace period.
50M was unsustainably generous — many mid-size companies ran production analytics on the free tier indefinitely. 10M still covers most early-stage products. The 90-day grace period was reasonable.
Updated Usage Policy clarifying model output ownership and safety evaluations
Standard API terms. Outputs belong to user. No explicit mention of safety evaluation logging for API traffic.
Clarified: API outputs belong to user. Anthropic may log inputs/outputs for up to 30 days for safety monitoring and abuse detection. Enterprise plans can opt out of retention.
Relatively transparent compared to competitors. The 30-day retention for safety monitoring is standard in the industry but the opt-out for Enterprise makes it clear this is about abuse detection, not training. API data explicitly not used for model training.
Free tier function runs reduced from 25k to 5k/month
Free tier: 25,000 function runs/month. Sufficient for many small production apps.
Free tier: 5,000 function runs/month. Pro plan ($25/mo) for 50k runs. Step limits also reduced on free tier.
5x reduction in free runs pushes production apps to paid faster. The Inngest Dev Server is open-source and can be self-hosted for development. Production self-hosting is not officially supported but possible.
Figma introduces AI features as paid add-on — First Make Design, then seat price increase
Professional plan $12/editor/mo (annual). All design features included. No AI tier separation.
Professional plan increased to $15/editor/mo. AI features (Make Design, First Draft) bundled into price. Organization plan pricing also increased.
25% price increase justified by AI features many users didn't request. Make Design was paused after controversy over reproducing existing designs. Users paying for AI they may not want or trust.
Localization add-on pricing introduced — $9/locale/site/month
No built-in localization. Community workarounds (Weglot, Localize) used as external tools.
Webflow Localize: $9/locale/site/month on top of site plan. 3 locales = $27/month extra. Enterprise pricing for high-volume localization.
Add-on pricing model means multi-language sites become expensive quickly. 10 locales = $90/month just for localization. Competitors like Framer include basic localization in base plans.
GitHub Actions free minutes reduced for free tier; overage pricing changed
Free accounts received 2,000 GitHub Actions minutes/month. Overage charged at flat rates.
GitHub reduced free Actions minutes for some account types and adjusted pricing model in January 2025. Existing workflows relying on free minutes may exceed new limits.
Coincided with Microsoft's broader cloud cost optimization push. GitHub recommends self-hosted runners for high-usage OSS projects. Codespaces hours also trimmed. Impact primarily hits solo developers running many CI checks per commit.
Subscription price increase across all IDEs — perpetual fallback terms tightened
Annual subscription with perpetual fallback: after 12 consecutive months, you keep the last version forever if you cancel. Stable pricing since 2019.
Price increase of 20-30% across all products (IntelliJ IDEA, WebStorm, etc). All-Products Pack from $249 to $289/year. Perpetual fallback remains but applies to a version 12 months behind current.
First significant price increase in 5 years. JetBrains cited inflation and AI feature development (AI Assistant). The perpetual fallback was preserved, which softened the blow compared to Adobe's full subscription pivot. Still cheaper than VS Code + equivalent paid extensions for many use cases.
Relicensed from source-available to BSL 1.1
SurrealDB License — custom source-available. Commercial use required paid license for SaaS/DBaaS offerings.
BSL 1.1 — source available, converts to Apache-2.0 after 4 years. Production self-hosting for internal use permitted. Competing cloud database services prohibited.
Follows the HashiCorp/Sentry playbook. BSL is becoming the standard 'protect against cloud competitors' license. Self-hosters can use freely. The 4-year conversion to Apache gives long-term assurance.
Free tier resource limit reduced — 200 resources per stack enforced
Pulumi Cloud Individual free tier with generous resource limits. Small teams could run production on free tier.
200 resources per stack on free tier. Team tier at $50/mo for more resources. Self-managed backends remain free and unlimited.
The self-managed backend escape hatch (S3, Azure Blob, GCS) makes this a non-issue for infrastructure teams. Free tier is now development-only. Pulumi code remains fully open source.
Encoding pricing restructured — per-minute encoding costs increased for 4K
Video encoding: flat per-minute rate regardless of resolution. Standard pricing across all quality levels.
Encoding tiered by resolution: 1080p baseline, 4K at premium rate. Live streaming per-minute costs adjusted upward for high-resolution streams.
4K encoding cost increase is reasonable given compute requirements. Most developers use 1080p and see no change. The per-minute model remains simpler than AWS MediaConvert pricing.
SDK module licensed under proprietary terms; reverted to GPL after community backlash
All Bitwarden code under GPLv3 / AGPLv3. Self-hosters could build from source freely.
New SDK module restricted self-hosters from building the desktop app without proprietary SDK. After backlash, Bitwarden reverted within days and committed to keeping clients GPL.
Community caught the change in PR review. Bitwarden CTO publicly apologized and reverted. Demonstrates value of vigilant open-source community oversight. Vaultwarden (alternative server) gained users despite the quick revert.
Docker Desktop business license required for companies >250 employees; enforcement tightened
Docker Desktop was free for all use including commercial. The 2022 announcement required business licenses but enforcement was lax.
Docker began actively enforcing the business license requirement ($21/user/month). Companies >250 employees or >$10M revenue must have paid subscriptions. License audits became more common.
Originally announced in 2022 but enforcement ramped up significantly in 2024. Drove many enterprises to evaluate Podman Desktop, Rancher Desktop, and OrbStack as free alternatives. The Docker Engine (CLI only, no GUI) remains free for all users.
Privacy policy updated to explicitly cover AI training on public data
Google used publicly available information to improve services and develop new ones. No explicit mention of AI model training.
Updated policy explicitly states Google may use publicly available information to train AI models including Gemini. Covers text, images, and other media.
Legalized what was already happening but made it explicit. If your content is publicly accessible, Google claims the right to train models on it. No practical opt-out for public web content.
Hobby plan commercial use explicitly prohibited — enforcement tightened
Hobby plan ToS mentioned non-commercial use but enforcement was lax. Many indie developers ran revenue-generating sites on Hobby.
Vercel began actively flagging and requiring upgrades for Hobby-tier projects generating revenue. Pro plan ($20/mo/member) required for any commercial use.
Many solo developers were surprised to find their SaaS or portfolio sites flagged. The definition of 'commercial use' was broad enough to include personal sites with affiliate links. Pushed many to Netlify, Cloudflare Pages, or self-hosted alternatives.
Deno KV released as proprietary — SQLite-based but cloud version is closed
Deno runtime: MIT license. All APIs open source. KV was experimental.
Deno KV local: uses SQLite (open). Deno KV on Deploy: proprietary FoundationDB backend. No self-host option for the distributed version.
The local/cloud split means development works differently from production. Lock-in through the cloud KV API with no self-hosted equivalent. Deno positions this as 'serverless requires managed infrastructure' but alternatives like Turso offer similar features with more portability.
Platform plan pricing increased — per-booking fees added for marketplace use
Cal.com Platform: flat pricing for embedding Cal.com into your product. No per-booking fees.
Platform plan restructured with per-active-user or per-booking fees above included limits. Monthly minimums increased.
Affects companies embedding Cal.com (the Platform product), not regular self-hosters or individual users. The AGPL self-hosted version remains free and fully featured. Standard monetization of the API/embed product.
ClickHouse Cloud free tier introduced with usage caps
No free tier on ClickHouse Cloud. Self-host (open source) or pay for managed cloud.
Free Development tier: 10GB storage, limited compute credits per month. Auto-pauses after inactivity. Production workloads require paid tier.
Welcome addition. 10GB is reasonable for development and testing OLAP workloads. Auto-pause means no surprise bills. Self-hosted remains the zero-cost option for production.
Professional tier introduced — free tier document and bandwidth limits added
Generous free tier during growth phase. No hard limits on documents or bandwidth.
Free: 1M function calls, 1M documents, 1GB storage. Professional: $25/mo with higher limits. Pay-as-you-go overages.
Expected monetization step for a VC-funded BaaS. Free tier remains usable for indie projects. 1M document limit is generous. Lock-in is the bigger concern — proprietary query model means data portability is limited.
La Plateforme terms clarified: free tier prompts may be used to improve models
No explicit statement about whether free API usage trains models. Policy was ambiguous.
Free tier (la plateforme) inputs and outputs may be used to improve Mistral models. Paid API tier excludes training usage.
Classic freemium data-for-training tradeoff. Solo developers and OSS projects using the free tier are effectively contributing training data. Switch to paid tier to opt out. Mirrors the Copilot Individual/Business distinction.
Enterprise features relicensed to Apache 2.0
Timescale License (TSL) for enterprise features: compression, continuous aggregates, multi-node. Community features under Apache 2.0.
All features under Apache 2.0. No more dual-licensing. Full open source for the entire database.
Another move toward openness. TimescaleDB made enterprise features free to compete with InfluxDB and Prometheus. Focuses on Timescale Cloud revenue instead of license-based revenue.
Automattic blocks WP Engine from WordPress.org resources
WordPress trademark used freely by hosting companies. WordPress.org plugin/theme repo accessible to all WordPress installations.
Matt Mullenweg declared WP Engine a 'cancer to WordPress,' blocked WP Engine servers from WordPress.org plugin/theme updates. Users on WP Engine couldn't update plugins.
Unprecedented weaponization of open-source infrastructure against a commercial competitor. Raised questions about WordPress.org being controlled by a single company (Automattic). WP Engine sued.
Teams plan price increase of 300% for existing customers
Canva Teams: $120/year for up to 5 users. Grandfathered pricing for early adopters as low as $60/year.
New pricing: $500/year for 5 users ($100/user/year). Existing customers hit with 300% increase. 30-day notice before billing cycle.
Massive backlash from small businesses and nonprofits. Canva offered partial discounts for nonprofits but held firm on business pricing. Coincided with Canva's push toward enterprise AI features (Magic Studio). Users felt bait-and-switched after years of affordable pricing.
AI bot blocking tools launched — but Cloudflare uses traffic data for AI products
Cloudflare proxied traffic for security/performance. Traffic metadata used for threat intelligence.
New AI bot blocking features launched. Simultaneously, Cloudflare uses aggregate traffic patterns and metadata to train its own AI products (AI Gateway, Workers AI).
Ironic position: helping customers block AI scrapers while using traffic data for their own AI products. Cloudflare argues it's aggregate/anonymized metadata, not content. But the dual role as both AI protector and AI data user raised eyebrows.
Free tier compute reduced — autosuspend timeout shortened
Free tier: 0.5 CU compute, 5-minute autosuspend timeout. Reasonable for hobby projects.
Autosuspend timeout reduced for free tier. Cold starts more frequent. Storage limit remains 512MB but compute availability tightened during peak hours.
Neon was transparent about sustainability reasons. The core free offering is still generous compared to competitors. Cold start latency (~500ms) is the main impact — acceptable for dev, annoying for production.
v3 rewrite with new pricing — free tier reduced, self-hosting simplified
v2: generous free tier with cloud-first approach. Self-hosting was complex.
v3: free Hobby tier with 5 concurrent runs and 30s max duration. Pro at $25/mo. Self-hosting via Docker made significantly easier.
The v3 rewrite changed the architecture fundamentally (from polling to long-running containers). Free tier is tighter but self-hosting is now practical. Open-source code is the escape hatch.
SendGrid deprecates legacy plans — forced migration to new pricing tiers
Legacy plans with generous email volumes at locked-in rates. Some customers on plans no longer offered publicly.
All legacy plans sunset. Customers migrated to current Essentials/Pro/Premier tiers at current market rates. Some saw 2-3x cost increases.
Long-time customers lost favorable grandfathered pricing. Twilio (SendGrid parent) cited 'plan simplification.' Alternatives like Resend, Postmark, and Amazon SES gained migration traffic.
Droplet pricing increased across all tiers — first increase since 2018
Basic Droplet: $4/mo (512MB), $6/mo (1GB). Prices stable since 2018.
Basic Droplet: $6/mo (1GB, 512MB tier removed). Premium Droplets introduced at higher price points. Managed databases also saw increases.
After 6 years of stable pricing, DigitalOcean aligned closer to AWS Lightsail and Vultr pricing. The removal of $4/mo tier hurt hobby projects. Still cheaper than AWS/GCP/Azure for equivalent resources.
Cloud Pro tier launched at $15/member/month — free tier limits clarified
Appwrite Cloud in beta with generous free limits. No paid tier available yet.
Free Starter: 75K MAU, 2GB storage, 10GB bandwidth. Pro: $15/member/month with 300K MAU, 150GB storage, 300GB bandwidth.
First paid tier for Appwrite Cloud. Free tier is generous for hobby projects. Self-hosted Appwrite remains free with no limits. Transparent pricing compared to Firebase's usage-based surprise bills.
WordPress.org bans WP Engine, then forks ACF plugin without consent
WordPress.org plugin directory was a neutral distribution channel. ACF (Advanced Custom Fields) by WP Engine was the de facto custom field plugin.
WordPress.org blocked WP Engine's access to plugin updates. Automattic forked ACF as 'Secure Custom Fields' and silently replaced ACF in the directory. WP Engine sued.
Matt Mullenweg's actions raised existential questions about plugin trust. Site owners discovered Automattic could replace any plugin in the directory at will. WP Engine got an injunction. Damaged trust in WordPress.org as neutral infrastructure permanently.
R2 added Infrequent Access storage tier; egress remains free
R2 had single Standard storage tier at $15/TB/month. Free egress.
Standard ($15/TB) + Infrequent Access tier ($10/TB) added. Infrequent Access has Class B operation fees but cheaper for cold data. Egress still free across both tiers.
Standard cost reduction with no terms degradation. Cloudflare's S3-compatible R2 continues to undercut AWS S3 dramatically (AWS charges $0.09/GB egress; R2 charges $0). Backup and archive workloads benefit most.
X (Twitter) user posts used to train Grok AI by default — opt-out buried in settings
No AI training opt-out existed; users had no explicit consent mechanism for AI training use of their posts.
X/Twitter data used to train Grok AI model. Opt-out available under Privacy settings → Grok → Data sharing, but automatically opted in for all existing users.
Regulators in Ireland (DPC) forced X to pause EU training after finding no valid legal basis. X suspended EU Grok training in August 2024. Default opt-in for AI training using public posts set a dangerous precedent. Opt-out UI was intentionally obscured.
User profiles and posts used to train LinkedIn AI models — opt-out hidden
LinkedIn data used for recruiting recommendations and feed algorithms. No explicit AI generative model training.
LinkedIn updated settings to train generative AI models on member posts, articles, and profile data. Opt-out in Settings → Data privacy → Data for generative AI improvement.
Quietly enabled for all users. The opt-out was pre-enabled without announcement; users discovered it via community posts. EU users had a separate and faster path to opt-out under GDPR. Professional content of developers, engineers, and PMs is now AI training data.
Bandwidth pricing overage rates increased 4x — $55/100GB over limit
Netlify Pro plan: $19/month with 400GB bandwidth. Overage: $20 per 100GB extra.
Overage rate raised to $55 per 100GB for Pro plan. Teams/Enterprise pricing also restructured. Some users saw 3-4x bill increases on bandwidth-heavy sites.
Multiple developers shared surprise bills of $500-$2000+ after traffic spikes. The 2.75x overage increase was not prominently announced. Cloudflare Pages and Vercel became immediate comparison points. Netlify subsequently added billing alerts but the pricing remained.
Workers AI inputs/outputs may be used to improve Cloudflare AI models on free tier
Workers AI launched without explicit training data usage policy.
Cloudflare Workers AI on the free tier: inputs and outputs may be used to improve Cloudflare's AI models. Paid Workers AI API calls excluded from training data.
Standard free-vs-paid AI data policy. Low severity because Cloudflare is explicit about this in documentation. Paid plan customers are unaffected. Follow the same guidance as other AI providers: test on free, deploy on paid.
AI training on user design files with opt-out (not opt-in)
No AI training on user content. Figma did not use customer designs for machine learning.
Figma trains AI features (e.g., 'Make Design') on customer file content. Opt-out available but not opt-in. Training enabled by default.
Figma paused the AI feature after users found it reproducing Apple Weather app designs nearly pixel-perfect. The opt-out default meant most users were already opted in before they knew.
Returned to open source (AGPL) after 3 years of SSPL
Dual SSPL/Elastic License since 2021 — not open source. Elasticsearch removed from many Linux distros. OpenSearch fork gained traction.
Added AGPL as a third license option. Users can now choose AGPL, SSPL, or Elastic License. Effectively returned to open-source availability.
Rare example of a license change reversal. Competition from OpenSearch (AWS fork) likely motivated the return. Proved that aggressive re-licensing can backfire when forks gain momentum.
Starter plan pricing introduced — previously free features now gated
Generous trial with full feature access. Transition to Pro plan for production use.
New Starter tier at $10/seat/month with limited flags (1k), environments (2), and no experimentation. Features previously available in trial now require Pro ($20/seat/month).
Created a clearer pricing ladder but many small teams felt squeezed. Open-source alternatives like Flagsmith and Unleash gained adoption. The per-seat model adds up fast for growing teams.
Community edition under AGPLv3 — enterprise features behind commercial license
Windmill initially released with permissive license. All features available.
AGPLv3 for community edition. SAML SSO, audit logs, multiplayer, and priority queues require Enterprise license.
Standard open-core model. Community edition is fully functional for most use cases. Enterprise features target larger teams. The AGPL ensures competitors can't offer closed-source Windmill hosting.
Free tier reduced from 5 users to 5 users but feature restrictions tightened
Free: 5 users, unlimited services and integrations, basic incident management.
Free: 5 users, but limited to 1 on-call schedule, 5 services, and reduced API access. Email integration only — no direct monitoring tool integrations on free.
The service limit and single on-call schedule make free tier impractical for real incident management. Grafana OnCall (free, unlimited) and Rootly offer better free alternatives.
Ghost(Pro) starter tier price increased — self-hosted remains free
Ghost(Pro) Starter: $9/mo for 500 members. Creator: $25/mo. Team: $50/mo.
Starter: $11/mo for 500 members. Creator: $31/mo. Team: $63/mo. All tiers ~20-25% increase.
Self-hosted Ghost is identical and remains free forever (MIT license). Price increase only affects managed hosting. Ghost is transparent about this — they recommend self-hosting for cost savings.
AGPL-3.0 added as third license option alongside SSPL and Elastic License v2
Dual SSPL and Elastic License v2 since January 2021 — both source-available, neither OSI-approved.
Triple license: AGPL-3.0 + SSPL + ELv2. Users can pick AGPL-3.0 to satisfy OSI 'open source' definition. Effectively walks back the 2021 license change.
Shay Banon admitted on the Elastic blog that the 2021 SSPL change was a mistake driven by AWS's Open Distro fork. AGPL-3.0 restores OSI status. OpenSearch fork (Apache 2.0) continues as community alternative. Many users stay on OpenSearch due to AWS Bedrock integration.
Einstein AI features may use customer CRM data for model training on lower tiers
Salesforce Einstein used customer data only within the customer's own org context. No cross-customer training.
Einstein AI features on lower tiers may use customer data as part of shared model improvements. Enterprise Shield and higher tiers offer model exclusivity.
Typical enterprise SaaS tiering: pay more for your data to stay isolated. The nuance matters for companies with sensitive customer data in Salesforce. Legal teams reviewing contracts need to check the 'Einstein Data Use' addendum specifically.
Updated data processing terms — third-party sub-processors expanded
Limited list of sub-processors handling customer data. Clear data residency options.
Expanded sub-processor list to include AI/ML providers for product features. Data may be processed by additional third parties for 'service improvement.'
Standard for analytics companies adding AI features. The expanded sub-processor list means your event data flows through more hands. Enterprise customers can negotiate DPA amendments.
Pricing restructured — usage-based model replaces fixed tiers
Fixed tier pricing: Starter free (8GB, 500 DBs), Scaler $29/mo flat. Predictable monthly cost.
Usage-based pricing added. Storage and row reads metered beyond included limits. Scaler plan restructured with different included limits.
The free tier remained generous (9GB storage). Usage-based pricing can lead to surprise bills but also means you only pay for what you use. Turso provided cost calculators and spending alerts.
SMS pricing increased across major markets — A2P 10DLC fees added
SMS at $0.0079/segment (US). Toll-free verification free. 10DLC registration minimal fees.
SMS increased to $0.0079+ with carrier fees. A2P 10DLC brand registration: $4/brand + $15/campaign. Toll-free verification fees added. Monthly number costs increased.
Carrier pass-through fees (AT&T, T-Mobile) added on top of Twilio base rates. Total cost per SMS effectively increased 20-40%. Small businesses hit hardest by per-campaign registration fees.
Free tier credits reduced — bandwidth and transformation limits tightened
Free tier: 25 credits/month (≈25GB bandwidth + transformations combined). Generous for small projects.
Free tier: 25 credits/month (unchanged) but credit calculation changed — transformations consume more credits. Effective free bandwidth reduced 30-40%.
Credit recalculation is a hidden price increase. Projects that fit in free tier before may now exceed limits. imgix and Bunny Optimizer offer more transparent pricing.
Free tier eliminated — replaced with $5/month minimum spend (Pay As You Go)
Genuine free tier with 3 small VMs (256MB RAM each) and 3GB persistent storage. Sufficient for hobby projects.
No free tier. Pay As You Go plan with $5/month minimum. Trial credits sometimes offered. Existing free apps required upgrade or were stopped.
Fly.io cited unsustainable abuse of free tier (crypto mining, spam relays). Pay-as-you-go pricing is still cheap for small apps but the elimination of true free tier hurt indie developers and learning use cases. Coolify on a $5 VPS is now competitive.
Content scraping controversy — robots.txt disregarded, publisher content used without licensing
No explicit policy on web scraping and content sourcing for AI answers.
Multiple publishers (Condé Nast, Forbes, Wired) reported Perplexity ignored their robots.txt exclusions and scraped content to answer queries verbatim. No content licensing agreements in place.
Different from TOS changes but directly relevant to compliance risk. API users and products built on Perplexity inherit the legal uncertainty around scraped content. Publishers filed legal complaints. Perplexity announced a revenue-sharing program but licensing disputes remain unresolved.
Updated TOS granting rights to access user content for AI/ML
Adobe accessed content only to provide and improve existing services. No mention of machine learning or AI training.
New clause: Adobe may access, view, or listen to content through automated and manual methods, including for content review and to train AI/ML models.
Artists and photographers outraged. Adobe later clarified they 'won't train AI on customer content' but the legal language remained broad enough to allow it. The TOS text and the PR statement contradicted each other.
Free tier PostgreSQL databases now expire after 90 days
Free PostgreSQL databases persisted indefinitely. No expiration. Popular for hobby projects and tutorials.
Free PostgreSQL databases automatically deleted after 90 days. Must recreate and re-seed data. No migration path to preserve data without upgrading.
Caught many tutorial authors and bootcamp students off guard. Projects that relied on persistent free databases suddenly lost data. Render positioned it as resource management but offered no grace period for existing databases created before the policy change.
Free tier daily command limit reduced from 10k to 10k but rate limiting tightened
Free tier: 10k commands/day, 256MB storage. Burst-friendly — could use all 10k commands in seconds.
Same 10k daily limit but with per-second rate limiting added. Bursts capped at 100 commands/second on free tier. Exceeding rate returns 429 errors.
Affected serverless workloads that were bursty by nature. The daily limit was the same but the rate limit changed usage patterns. Production apps needed to add retry logic or upgrade to paid plan.
Coolify v4 relicensed from AGPL-3.0 to Apache-2.0
AGPL-3.0 — strong copyleft. Anyone offering Coolify as a service must open-source their stack.
Apache-2.0 — permissive. Anyone can use, modify, and offer as a service without open-sourcing modifications.
Rare move in the opposite direction — from restrictive to permissive. Creator Andras Bacsai wanted to maximize adoption. Good for companies wanting to build internal PaaS on Coolify without AGPL concerns.
CockroachDB core relicensed — free tier restricted, BSL for full product
CockroachDB Core: free, source-available. Enterprise features (backup, CDC, SSO) required license. Core was fully functional for small deployments.
BSL 1.1 for all code. Serverless free tier on cloud. Self-hosting the full product requires Enterprise license for production use beyond single-node.
Follows the industry trend toward BSL. The free Serverless tier on Cockroach Cloud is generous but it's cloud-only — self-hosting production clusters now requires a commercial license. Another example of 'source-available, not open-source.'
Cisco acquisition completes — pricing restructured under Cisco umbrella
Splunk priced per daily ingestion volume. Enterprise customers negotiated per-GB/day rates. Standalone company with independent pricing.
Post-Cisco acquisition: workload-based pricing introduced. Entity-based model replaces pure volume-based. Existing contracts honored but renewals see 15-30% increases.
Cisco acquired Splunk for $28B. Price increases under Cisco ownership were expected and materialized. Enterprise customers locked into multi-year contracts face steep renewals. Many evaluating Elastic, Datadog, or OpenSearch.
Workspace plan pricing restructured — per-seat costs dramatically increased
Team plan: $35/mo for the workspace + per-seat costs. Reasonable for small agencies.
Workspace plans restructured: Freelancer $16/mo, Agency starting at $28/seat. Enterprise custom pricing. Existing grandfathered plans sunset with 6-month migration window.
Agencies with many designers saw significant cost increases. The per-seat model particularly hurts shops with part-time contributors. Some agencies migrated clients to Framer or static site generators.
Free tier static sites bandwidth reduced — paid tier restructured
Free tier: 100GB bandwidth for static sites, free web services with spin-down. Starter: $7/mo per service.
Free tier: bandwidth reduced, services spin down after 15 min inactivity. Starter renamed with new pricing tiers. Free PostgreSQL databases removed (90-day limit).
Free PostgreSQL 90-day expiration was a significant change — projects relying on free managed Postgres had to migrate or pay. Competitors like Railway and Fly.io offer better free database tiers.
Bunny Stream pricing introduced — video delivery joins CDN offerings
CDN-only service with bandwidth-based pricing. No integrated video streaming.
Bunny Stream: $5/mo + $1/1000 minutes stored + $1/1000 minutes delivered. Video transcoding, player, and analytics included.
Competitive video streaming pricing compared to Mux ($0.07/min delivered) and Cloudflare Stream ($1/1000 min). Transparent pricing is Bunny.net's strength. No free tier for streaming.
European users' public posts used to train Meta AI models — opted in by default
Meta did not explicitly state public post content would be used for generative AI training.
Meta announced it would use public posts, photos, and comments on Facebook/Instagram to train generative AI models. EU/UK users could submit an objection form to opt out.
EU Data Protection regulators pressured Meta to delay training on EU data. Ireland's DPC obtained pause in June 2024. Objection form was provided but was confusing and non-standard. This affects any developer who embedded Meta content or built on Meta's platforms.
All products relicensed from FSL to MIT
Functional Source License (FSL) 1.1 — non-compete restriction for 2 years, then Apache/MIT. Prevented competitors from offering hosted PostHog.
MIT license for all products. No restrictions whatsoever. Anyone can fork, host, and compete freely.
Rare reverse move toward more openness. PostHog bet that community growth and brand loyalty outweigh licensing protection. Signals confidence in product velocity over legal moats.
Content licensing deal with OpenAI for AI model training
User-contributed content under CC BY-SA 4.0. Used by community, searchable on web. No exclusive AI training agreements.
Multi-year deal with OpenAI: Stack Overflow content feeds directly into model training. OverflowAPI product launched for enterprise AI access to Q&A data.
Community contributors were not consulted. Content was written by volunteers under CC BY-SA, now monetized for AI training. Many users began deleting their answers in protest. Stack Overflow started banning mass-deletions.
Updated data processing to include AI-powered content analysis
Video content processed for encoding, delivery, and quality metrics only.
New auto-generated captions and content moderation features process video content through AI models. Metadata and content analysis data used to improve services.
Expected evolution for a video platform. The AI processing is opt-in per asset. Enterprise customers can restrict processing in their DPA. Transparent about what AI models see.
B2 Cloud Storage egress fees introduced for non-partner traffic
Free egress to Cloudflare, Fastly, and Bunny CDN via Bandwidth Alliance. All other egress also had generous free tier (3x storage = free egress).
Bandwidth Alliance partnerships maintained. Non-partner egress pricing restructured — free egress reduced to 3x daily storage. Overage at $0.01/GB.
Still much cheaper than AWS S3 egress ($0.09/GB). The Bandwidth Alliance with Cloudflare means most users combining B2 + Cloudflare CDN pay zero egress. Minor change that mostly affects direct API users.
Business plan price increase — $7.99 to $9.99 per user/month
1Password Business: $7.99/user/month. Includes Watchtower, custom vaults, admin console.
Business: $9.99/user/month (25% increase). Advanced protection pack ($5/user/mo add-on) for additional security features. Total cost for full features: $14.99/user/mo.
The add-on pack splits previously bundled features. Companies needing firewall and XDR integrations now pay almost double. Bitwarden Teams at $4/user/mo becomes more attractive.
Free tier reduced to 5 apps and 5 end users — effectively killed for real usage
Free tier: 5 apps, unlimited end users, core features included.
Free tier: 5 apps, 5 end users (new restriction). Standard: $10/user/month. Enterprise: custom. AI features in premium only.
5 end user limit makes free tier a demo environment. Internal tools typically have 20+ users. Budibase, Tooljet, and Appsmith (all open source) gained significant migration traffic.
Customer messages used to train AI/ML models by default; opt-out only via email
Customer messages were not used for AI training. Slack AI was a separate paid product.
Privacy policy quietly updated to allow Slack to use messages, files, content for training 'global models'. Opt-out required emailing CEO@slack.com.
Discovered by users in May 2024. Opt-out by email was widely criticized. Slack later clarified the models were 'not generative AI' but the trust damage was done. Policy was revised to clearer language but default remained opt-in.
Slack Global Privacy Policy updated — customer messages used to train AI models
Slack used customer data to improve existing features (spam filters, emoji recommendations). Messages not used for general AI/ML model training.
Slack's updated privacy policy stated it could use customer messages, files, and other content to train Slack AI and ML models. Opt-out required contacting legal team.
The backlash was swift and severe. Salesforce/Slack issued a clarification within 48 hours: they do not train 'large language models' on customer data. But the policy text allowed it. The disconnect between legal language and PR statements persists. Enterprise orgs rushed to review their Slack agreements.
Vercel Pro plan price increased from $20 to $25/member/month
Vercel Pro: $20/month per member. Teams plan had separate pricing.
Vercel Pro: $25/month per member. Concurrent builds and some limits also adjusted. Existing customers grandfathered for 90 days.
25% price increase for Pro users. The announcement was handled reasonably with advance notice and grandfathering. Still competitively priced against Netlify for most use cases. Hobby plan (free) was unchanged.
Demonetization threshold — tracks under 1,000 annual streams earn $0
All tracks on Spotify earned royalties from the first stream. Any play generated proportional revenue for the artist.
Tracks that receive fewer than 1,000 streams in a 12-month period generate zero royalties. Revenue redistributed to tracks above threshold.
Affects roughly two-thirds of all tracks on the platform but less than 0.5% of total royalty pool. Spotify framed it as anti-fraud (targeting AI-generated noise tracks) but independent artists with small followings lost their only revenue stream. No opt-out possible.
Spend caps removed from Pro plan — usage-based billing by default
Pro plan ($25/mo) included hard spend cap. Usage beyond included limits simply stopped working. Predictable billing.
Spend caps disabled by default on new Pro projects. Overages billed automatically. Must manually enable spend cap in dashboard settings.
Supabase framed this as improving reliability (no more services stopping mid-traffic-spike). But surprise bills became a concern. The opt-in spend cap is still available but many users don't know to enable it until after their first overage bill.
Stable Diffusion 3 released under restrictive non-commercial license
Stable Diffusion 1.x/2.x: CreativeML Open RAIL-M license — permissive, commercial use allowed. Community built on the open model.
SD3: Stability AI Community License — non-commercial only. Commercial use requires paid API or enterprise license. Model weights restricted.
Broke the social contract that made Stable Diffusion popular. Community felt betrayed after contributing to ecosystem growth. Competitors like Flux (Black Forest Labs) gained traction by staying open. Stability AI's financial troubles likely drove the decision.
Grafana Labs restricts AGPL-licensed code — new features behind Enterprise license
Grafana core fully AGPL-3.0. Most features available in open-source version. Enterprise features were add-ons.
Increasing number of features (correlations, SLO, advanced auth) moved to Enterprise-only. AGPL core still exists but feature gap widens with each release.
Not a license change per se, but a slow feature shift. The AGPL core becomes less useful over time as key observability features land only in Enterprise. Boiling frog approach to commercialization.
Medusa 2.0 maintained MIT license despite cloud product launch
Medusa 1.x: MIT license. Full headless commerce platform.
Medusa 2.0: MIT license preserved. Complete rewrite with new architecture. Cloud offering launched alongside but core remains fully open.
Counter-example to the trend of relicensing. Medusa kept MIT despite launching a competing cloud product. Monetization through cloud convenience, not license restrictions. Strong community trust signal.
Terraform Cloud free tier reduced — resources per workspace limited
Terraform Cloud free: 5 users, unlimited state management, 500 managed resources. Sufficient for small teams.
Free tier: 500 managed resources per org (not per workspace). Teams plan restructured. Plus plan at $10/user/mo for governance features.
The 500 resource limit per org (not workspace) caught teams managing multiple environments off guard. Self-hosting with OpenTofu became the go-to free alternative.
Pricing restructured — per-seat + per-resolution model for AI agent
Per-seat pricing. Standard: $74/seat/month. All conversations handled by human agents at flat rate.
Fin AI Agent: $0.99 per resolution. Human seats remain per-seat. Combined cost unpredictable for high-volume support teams. Essential plan introduced at $29/seat.
Per-resolution AI pricing can spike unpredictably. A support surge means both AI resolution costs and human seat costs increase. Companies report 2-3x total cost increases after AI features enabled.
Mini plan removed — free-to-Pro gap widened
Free → Mini ($5/mo) → Basic ($15/mo) → Pro ($30/mo). Mini offered custom domain at low cost.
Free → Mini removed → Basic ($15/mo) → Pro ($30/mo). Custom domains now require Basic plan minimum.
Removing the $5 Mini plan forces budget-conscious users to jump from free to $15/mo. The free tier without custom domain is unusable for production. Part of broader simplification but hurts indie developers.
OpenAI partnership announced — Stack Overflow content used to train ChatGPT
All Stack Overflow content licensed under CC-BY-SA. Used by everyone, including AI companies, with attribution.
Direct paid partnership with OpenAI. Stack Overflow content fed into ChatGPT training. Users who deleted answers in protest had accounts suspended.
User backlash: many top contributors deleted high-value answers. Stack Overflow restored deleted content and suspended protesting users, citing 'community content' clause in ToS. Crystallized debate about platform ownership of user contributions.
Core Redis relicensed from BSD to dual RSALv2/SSPL
BSD 3-Clause — fully open source. Cloud providers could offer managed Redis freely.
Redis Source Available License v2 + SSPL dual license. Cloud providers cannot offer competing Redis services without commercial agreement.
Forked as Valkey by Linux Foundation with AWS, Google, Oracle backing. Redis Ltd. effectively killed the open-source Redis project to protect Redis Cloud revenue.
Free tier (Hobby plan) eliminated — all databases require paid plan
Hobby plan: 5GB storage, 1B row reads/mo, 10M row writes/mo, 1 production branch + 1 development branch. Free.
Hobby plan removed entirely. Minimum plan: Scaler at $39/month. Existing hobby databases given 30 days to upgrade or face deletion.
Affected hundreds of thousands of developers using PlanetScale for side projects and learning. Many migrated to Neon, Turso, or Supabase. PlanetScale later introduced a limited hobby tier after backlash, but trust was damaged. The 30-day deadline to pay or lose data was seen as hostile.
Free tier effectively removed — $5/mo minimum for hobby plan
Generous free tier: 3 shared-CPU VMs, 160GB bandwidth, free Fly Postgres. No credit card required.
Credit card required. $5/mo minimum on hobby plan. Free allowances reduced. Unused VMs billed. Existing free users grandfathered briefly then migrated.
Fly.io cited sustainability and abuse prevention. Many tutorial/hobby projects suddenly incurred costs. The Postgres offering also became less generous. Community understood the business need but the transition was bumpy.
License changed from fair-code to Sustainable Use License — commercial restrictions tightened
Apache-2.0 with Commons Clause. Self-hosting for internal use was clearly permitted.
Sustainable Use License: self-hosting for internal use still allowed. But offering n8n as part of a product or managed service explicitly prohibited without commercial agreement.
Targeted at preventing competitors from offering hosted n8n. Internal company use is still fine. The 'Sustainable Use' framing is similar to BSL but with different conversion terms. Self-hosters mostly unaffected.
Starter plan restructured — contacts-based pricing tiers steepened
Starter: $20/mo for 1,000 contacts. Additional contacts at declining per-contact rate.
Starter: $20/mo for 1,000 contacts (same). But Professional jump to $890/mo now required for previously Starter-included automation features. Feature gating between tiers increased.
The gap between Starter ($20/mo) and Professional ($890/mo) creates an awkward middle ground. Growing businesses hit automation limits on Starter but can't justify 40x price jump. Benefits ActiveCampaign, Brevo alternatives.
Standard plan renamed to Standard — Professional increased to $16/seat/month
Essentials: $8/seat/month. Professional: $12/seat/month. Teams: $16/seat/month.
Standard: $10/seat/month (was Essentials). Teams: $16/seat/month (was Professional). Enterprise: custom. Features reshuffled between tiers.
Renaming tiers while reshuffling features creates confusion. Some previously Professional features moved to Teams tier. Cal.com remains the open-source alternative with feature parity.
API data retention policy updated — inputs/outputs retained 30 days for abuse monitoring
API data not retained beyond the immediate request-response cycle by default. No mention of retention windows for safety review.
API inputs and outputs retained for up to 30 days for safety and abuse monitoring, even for API (non-ChatGPT) customers. Opt-out available on Enterprise with a zero-retention policy.
Critical for HIPAA, legal, and finance customers who assumed zero retention. The 30-day default catch many companies off-guard during compliance audits. Enterprise zero-retention is expensive. Prompt injection attacks mean malicious content could be in the retained data.
Code snippets and telemetry shared with OpenAI for model improvement
Copilot for Business: code snippets not retained. Individual plan: snippets retained for up to 28 days for abuse detection.
Updated telemetry policy: prompts, suggestions, and code context may be used to improve models. Business tier still excludes training, but Individual tier data feeds into future models.
The distinction between Business and Individual tiers means solo developers and OSS contributors are effectively donating training data. Opt-out requires disabling telemetry entirely.
Notion AI opt-out policy — workspace data used for AI feature improvement
Notion did not use customer workspace content for training AI models. AI features processed data but did not retain it.
Notion may use content interactions with Notion AI to improve AI features. Opt-out available in workspace settings but not enabled by default. Enterprise plans excluded.
The default opt-in approach meant most users were contributing training data without realizing. Enterprise customers explicitly excluded, creating a two-tier privacy system. Many teams upgraded to Enterprise solely for this reason.
Atlassian eliminates server licenses — cloud-only for all products
Self-hosted Server licenses available for perpetual purchase. Data Center for large deployments. Cloud as third option.
Server licenses permanently ended (Feb 2024). Only Cloud or Data Center remain. Data Center minimum: 500 users. Small teams forced to Cloud.
Affected thousands of companies that preferred self-hosting. Data Center's 500-user minimum priced out small teams. Many migrated to Jira Cloud reluctantly or switched to Linear, Plane, or YouTrack.
Business subscription price increase and per-seat enforcement tightened
Docker Business: $21/user/month. Pro: $5/month. Companies >250 employees required paid plan (since 2021).
Docker Business: $24/user/month. Compliance enforcement tools to detect unauthorized usage. Pro: $9/month. Scout vulnerability scanning pushed as value justification.
Second price increase since the 2021 licensing change. Companies with large developer teams feel the cost adds up. Podman Desktop and Rancher Desktop gain adoption as free alternatives.
Bitbucket Pipelines build minutes reduced on free tier
Free tier: 50 build minutes/month. Standard: $3/user with 2500 minutes.
Free tier: 50 minutes (unchanged but enforcement stricter). Standard increased to $3/user. Premium: $6/user with required minimum 5 users.
50 free minutes is nearly useless for CI/CD. Combined with Atlassian's push toward Premium for features like deployment permissions, the cost gap between free and useful widened.
Authy desktop app discontinued — mobile-only 2FA
Authy offered cross-platform 2FA: desktop apps for macOS, Windows, Linux plus mobile apps. Millions of users relied on desktop access.
Desktop apps discontinued. Users must use mobile app only. No export function for TOTP secrets. Desktop app stopped syncing, then stopped working entirely.
Users had no way to export their 2FA seeds. Forced migration to mobile-only with no alternative desktop option. Many users lost access to accounts when desktop app stopped working before they migrated. Twilio offered no migration tool.
Free developer plan limited to 100 emails/month (down from no specific limit)
Free trial with 25k emails included. After trial, reasonable sending limits on free tier for testing.
New permanent free tier: 100 emails/month. Enough for development and testing only. Production requires paid plan starting at $15/mo.
Generous compared to competitors (SendGrid free: 100/day). But the 100/month cap makes it unsuitable for any production use. The clear positioning as 'developer testing only' was transparent.
Payload 2.0 moved from MIT to a custom source-available license, then Payload 3.0 returned to MIT
Payload 1.x: MIT license. Fully open source.
Payload 3.0: MIT license restored. All features open source including cloud-specific plugins. Payload Cloud is the monetization path, not licensing.
Brief license wobble during 2.x was corrected. Payload 3.0 (built on Next.js) returned to MIT. The team chose to monetize via hosted cloud rather than license restrictions. Good precedent.
Kong Gateway Enterprise plugins clarified as proprietary — OSS plugin gap widens
Kong OSS with most plugins available. Enterprise plugins were add-ons for advanced use cases.
Increasing number of popular plugins (OIDC, Vault, OPA, GraphQL proxy) moved to Enterprise-only. OSS gateway remains functional but plugin gap grows each release.
Similar to Grafana's approach — OSS core remains free but valuable plugins are Enterprise. APISIX and Tyk gain traction as alternatives with more OSS features.
Custom metrics pricing change — cardinality-based billing shocks customers
Custom metrics billed per unique metric name at ~$0.05/metric/month. Predictable cost per metric series.
Metrics without Limits: ingested metrics billed separately from queried metrics. Cardinality-based pricing means a single metric with high tag cardinality can cost thousands/month.
Companies discovered single misconfigured metrics costing $10k+/month due to tag cardinality explosion. Datadog's billing opacity is a recurring industry complaint. Cost governance requires Datadog-specific expertise.
Tasks included per plan reduced by 50-60% — effective price doubled
Professional: 2,000 tasks/mo at $49/mo. Team: 50,000 tasks at $399/mo.
Professional: 750 tasks/mo at $49/mo (62% reduction). Team: 2,000 tasks at $69/mo. New task-based pricing penalizes high-volume automation.
Massive effective price increase disguised as plan restructuring. Companies running thousands of automations saw costs double or triple. n8n and Make saw significant migration from Zapier users.
Freddy AI features introduced with per-session pricing
Freshdesk plans included basic AI features (article suggestions). No per-interaction AI costs.
Freddy AI Copilot: per-session pricing for AI-assisted ticket resolution. Freddy AI Agent: per-resolution pricing similar to Intercom's Fin model.
Following Intercom's per-resolution model. AI costs become variable and unpredictable for high-volume support teams. The trend toward usage-based AI pricing across support tools is concerning for budget planning.
Developer account free tier bandwidth reduced to encourage paid adoption
Free developer account with generous bandwidth for testing and small sites.
Free developer account with reduced bandwidth limits. Production usage requires paid tier. $50 minimum monthly spend on paid plans.
$50 minimum is a barrier for small sites that just need CDN. Cloudflare free tier (unlimited bandwidth) and Bunny.net (pay-as-you-go from $0.01/GB) are more accessible alternatives.
Suite plans restructured — AI features bundled into higher tiers only
Suite Team: $49/agent/month. Suite Growth: $79. Suite Professional: $99. AI features available as add-on across tiers.
Suite Team: $55/agent/month. Growth: $89. Professional: $115. Advanced AI add-on: $50/agent/month. AI features increasingly gated to Professional+.
10-15% price increases combined with AI feature gating. The $50/agent AI add-on doubles effective cost for teams wanting automation. Freshdesk and Crisp gained migration interest.
Bandwidth overage pricing change — $55 per 100GB on all plans
Bandwidth overages on free plan: site disabled. Pro plan: $20/100GB overage. Predictable caps.
All plans: $55/100GB overage billed automatically. No spend cap on free tier. A single viral post could generate hundreds of dollars in unexpected bills.
The $55/100GB rate was steep — a Hacker News front page could cost $500+. Netlify later added spending notifications but no hard cap. Many developers moved to Cloudflare Pages (free unlimited bandwidth) to avoid surprise bills.
Free tier restricted from 25 videos to 25 videos with 5-minute limit
Free: 25 videos per person, up to 5 minutes per video. Starter: $12.50/creator/month.
Free: 25 videos, 5 minutes (unchanged limit but stricter enforcement). Business: $12.50/creator/month. Enterprise: custom pricing. Acquired by Atlassian for $975M.
Atlassian acquisition raised concerns about eventual integration-only model. Some features previously in free tier moved to paid. The 5-minute limit on free makes it impractical for real async communication.
Runtime Fee — per-install charge introduced retroactively
One-time seat license. Ship unlimited installs. No per-install fees ever.
New Runtime Fee: $0.01–$0.20 per install after thresholds. Applied retroactively to games already shipped on older Unity versions.
Massive backlash forced Unity to apologize and revise. CEO resigned. The retroactive application to existing games was unprecedented in the industry. Partially walked back but trust permanently damaged.
Community fork launched under Linux Foundation after BSL switch
Terraform MPL 2.0 with thriving ecosystem of community providers and modules.
OpenTofu forked from last MPL commit. Drop-in replacement. Linux Foundation governance. Companies migrating to avoid BSL restrictions.
HashiCorp sent cease-and-desist to OpenTofu contributors claiming code copying. OpenTofu documented clean-room approach. The fork attracted Spacelift, env0, Scalr as backers.
Terraform and all products switch from MPL 2.0 to BSL 1.1
Mozilla Public License 2.0 — permissive open source. Anyone can use, modify, redistribute, including competitors offering hosted versions.
Business Source License 1.1 — source available but competing commercial use prohibited. Converts to MPL 2.0 after 4 years.
Triggered the OpenTofu fork by Linux Foundation. Companies running Terraform at scale had to evaluate legal risk. IBM later acquired HashiCorp for $6.4B.
TOS update granting perpetual rights to use content for AI training
Zoom used customer content to provide and maintain the service. Standard limited license.
Section 10.4: Perpetual, worldwide, royalty-free license to use customer content for AI/ML training, including after account termination.
Updated after massive backlash. New version says they won't use customer audio/video for AI without consent. But the initial attempt revealed their intent. Many enterprises started evaluating alternatives.
Free tier replaced with trial — $5 one-time credit, then pay
Free tier: $5/month recurring credit. Enough for small hobby projects to run indefinitely.
Trial plan: $5 one-time credit (non-recurring). After exhaustion, services pause. Must enter credit card for hobby plan ($5/mo included usage).
Killed the 'infinite free hosting' use case. Students and hobbyists had to migrate to alternatives or start paying. Railway was transparent about the change being necessary for sustainability. Existing free-tier users got a grace period.
HashiCorp Vault relicensed from MPL 2.0 to BSL 1.1 alongside all products
Vault MPL 2.0 — open source. Companies self-hosted Vault freely, competitors offered managed Vault services.
BSL 1.1 — production use allowed but competing commercial services prohibited. Converts to MPL after 4 years.
Part of HashiCorp's blanket BSL switch affecting Terraform, Vault, Consul, Nomad, and all products. OpenBao fork emerged as the community alternative to Vault. Enterprises using Vault internally are unaffected but the trust signal changed.
Workspace Labs / Duet AI: user content in early access programs used to improve AI
Google Workspace files and emails used only to provide the service. No AI training on user content.
Workspace Labs participants (and later Duet AI beta users) agreed that their content could be reviewed by humans and used to improve Google AI. Opt-in for early access, but many users enrolled without reading.
Limited to early access programs, not all Workspace users. But many organizations enrolled at the org level. GA of Gemini for Workspace in 2024 carried its own terms — review before enabling for your org. Core Workspace data remains outside training for paying customers.
API pricing set at $0.24 per 1,000 calls — effectively killing third-party apps
Free API access with generous rate limits. Third-party apps like Apollo, RIF, Sync thrived with millions of users.
$0.24 per 1,000 API calls. Apollo developer estimated $20M/year cost. No free tier for commercial apps. 30-day implementation deadline.
Apollo, Reddit Is Fun, Sync, and dozens of third-party clients shut down. Massive subreddit blackout protest. Reddit CEO compared Apollo developer to a blackmailer. IPO followed months later.
Revenue split changed from 70/30 to 50/50 for top streamers
Top-tier partners received 70/30 revenue split on subscriptions ($3.50 per $4.99 sub). Premium deal for high-performing creators.
70/30 split capped at first $100k/year in sub revenue. Everything above reverts to standard 50/50 split. Applied to existing contracts.
Amazon/Twitch justified this as 'sustainability.' Top streamers lost significant income. Accelerated creator migration to YouTube and Kick. Combined with aggressive ad requirements, this marked a clear shift from creator-first to platform-first economics.
All plan prices increased 33% — Basic from $29/mo to $39/mo
Basic: $29/mo. Shopify: $79/mo. Advanced: $299/mo. Stable for years.
Basic: $39/mo (+34%). Shopify: $105/mo (+33%). Advanced: $399/mo (+33%). Transaction fees unchanged.
Across-the-board 33% increase with no new features to justify it. Small merchants hit hardest. Shopify cited inflation and increased feature investment. WooCommerce, Medusa, and Saleor saw interest spikes.
Free API tier eliminated, minimum $100/month for basic access
Free API tier: 1,500 tweets/month write, full read access, streaming endpoints. Standard tier at $0.
Free tier: write-only, 1,500 tweets/month, no read. Basic tier: $100/month for 10,000 reads. Enterprise: $42,000/month.
Killed thousands of bots, research projects, and integrations overnight. Academic researchers lost access to critical data. Many third-party Twitter clients shut down permanently. 30-day notice.
Free tier CI/CD minutes slashed from 400 to 400 — storage limits introduced
Free tier: 400 CI/CD minutes, 10GB storage per project, unlimited collaborators.
Free tier: 400 CI/CD minutes (same), but 5GB storage per project (halved). Transfer limits added. Namespace storage limits enforced project-wide.
The storage limit hit teams with large repos or container registries hard. Many open-source projects forced to optimize or pay. GitLab positioned this as 'sustainable free tier.'
Major security breach — unauthorized access to customer secrets and environment variables
CircleCI stored customer secrets (API keys, tokens) encrypted. Customers trusted CircleCI as a secure CI/CD platform.
Breach disclosed: threat actor accessed customer environment variables, SSH keys, and tokens stored in CircleCI. All customers advised to rotate ALL secrets immediately.
One of the most significant CI/CD security incidents. Affected every CircleCI customer. The advice to rotate every secret stored in CircleCI was unprecedented. Trust in centralized CI/CD secret storage damaged industry-wide.
Free tier completely eliminated — all dynos, Postgres, Redis require payment
Free tier: 550-1000 dyno hours/mo, free Postgres (10k rows), free Redis (25MB). Running since 2011.
All free resources deleted. Minimum: Eco dynos at $5/mo. Free Postgres databases deleted with 30-day notice. No free tier of any kind.
End of an era. Heroku's free tier defined a generation of developers learning deployment. Millions of hobby projects and tutorials broke. Mass migration to Railway, Render, and Fly.io. Salesforce's underinvestment in Heroku led to the cuts.
Rate limits imposed on free anonymous and authenticated pulls
Unlimited anonymous and authenticated pulls from Docker Hub. No rate limits on any tier.
Anonymous users: 100 pulls per 6 hours. Authenticated free users: 200 pulls per 6 hours. Paid plans: unlimited. Auto-deletion of images inactive for 6+ months.
Broke countless CI/CD pipelines overnight. Companies had to add Docker Hub authentication to build systems or mirror images to private registries (ECR, GCR, GHCR). The image deletion policy was later softened after community outcry, but rate limits remained.
Switched from AGPL to Server Side Public License (SSPL)
GNU AGPL v3 — strong copyleft but OSI-approved. Cloud providers needed to share modifications but could offer managed MongoDB.
SSPL — if you offer MongoDB as a service, you must open-source your entire service stack (monitoring, backup, orchestration, etc).
SSPL is not recognized as open source by OSI or most Linux distributions. Set the template that Redis and Elastic later followed. Amazon launched DocumentDB as a response.