by johannes1234321 1906 days ago
> Seems like an auditing nightmare.

Yes and that's why large companies are often extremely reluctant to take in 3rd party code without auditing and estimating the risk.


In fact they even sell insurance for this, and companies that want you to use their software can offer indemnity protection with the same effect.

"What if somebody sues me because my use of your software constitutes a violation of their intellectual property rights?" – "Don't worry, we will protect you. Since you pay so much money and are a valued customer of XYZcorp, we don't want you to worry about such things. You'll be covered by our umbrella policy."

This conversation certainly happens (although it almost certainly wouldn't have happened between any of Rails' customers and the Rails core team).

This has not been my experience. Getting the work done fast is prioritized more highly than the (small) compliance risk. Unless the company wants to pay you to invent a bespoke in-house version of React.
For using open source stuff while working on your machine there are often pre-approved licenses. But for production use, and even more so for software being distributed, at any serious place I have seen there is paperwork. (Sometimes of better quality, sometimes more of a rubber-stamp process.)