Can you name one of these big, rich, and careless companies, please?

Uh, vaguely? [Someone who isn't me] is aware of this happening at an american retailer.

It basically happens like this:

"Oh this code solves our problems and has a nice community around it for network effects!"

**developers proceed to adopt codebase without checking the license**

**months later**

"Oh, huh this license has some interesting language in it..."

Then the employee doesn't mention it; because the risk of having to re-do a bunch of work feels higher than the risk of getting in trouble for violating a license. Basically, unless it's Oracle; people just kinda shrug it off as a "wontfix".

My whole thing is that any system depending on people to read and follow a license is quite flawed in terms of enforcement, and is largely designed specifically so that powerful encumbents can make claims, not individual developers.

Laws have to be enforced or people will ignore them. If there's no practical way to enforce a law that doesn't involve violating freedoms - you're kinda fucked.

I'll name a counterexample: Google (used to work there) is very careful with the provence of external code, to the point that for simpler things it's often easier to write something internally than use the standard external thing.

I can, roughly. One of the big international US based financial institution. Zero real concern for any licensing associated with software, across multiple teams I'd worked on in multiple lines of business. You find a library that works, you use it. Present in systems that touch dollars in the trillions per week.

I always found this weird while I was working at this company, but then, they have no reason to care about ephemeral threats that have never been brought to bear in a meaningful way. No consequences = no reason to spend literal billions retooling the entire tech side of your company over a decade.