by vkat 1649 days ago
In all the enterprise companies I have worked for, we are drilled with required learning and assessments, which often include training on software licenses. The aim of this training is for devs to keep an eye out for licenses and defer to someone higher up if in doubt. These processes are manual and catch only so much.

In companies with mature software processes there is always tooling that will block a release if it finds an unacceptable license. To me it looks like TikTok hasn't properly invested in tooling and this somehow slipped.

1 comment

Enterprises of even modest size take it very seriously. They’ll be juicy targets to go after. It’s everything between startups and midsize companies where this is not clearly defined. Just ask the VCs who do due diligence. Almost every one of them will audit your licenses before they invest. One of the things they ask for is the list of libraries you use and their licenses.
As an open-source-license-expert dev, in the past I've been able to offer a lot of value to my employer by assembling that list in such a way that the buyer could have high confidence in our audit of dependencies.

This doesn't protect anybody against illegal copy-pasta by ignorant/irresponsible devs, though.
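The release-blocking license gate the first post describes, and the dependency-plus-license list the reply says VCs ask for, as an added example that is not code from either commenter nor from any company mentioned in the thread: a Python check that reads a CycloneDX-style SBOM (the dict below is a constructed sample, not a real project's inventory) and fails closed on any component whose declared license is denied, not on the approved list, or missing entirely. The ALLOWED and DENIED sets, the component names and the purls are illustrative assumptions; a real policy would come from legal and the SBOM from whatever generator the build already runs.

```python
"""License gate for a CI release step (added example, not from the thread).

Reads a CycloneDX-style SBOM (a dict here; in practice json.load() of the
file your SBOM generator emits) and blocks the release on any component
whose license is denied, unknown to the policy, or not declared at all.
"""

# Policy, illustrative only: SPDX identifiers approved for shipping, and
# identifiers that always block a release. Anything in neither set is
# treated as unapproved, so the gate fails closed on unknown licenses.
ALLOWED = {"MIT", "BSD-2-Clause", "BSD-3-Clause", "Apache-2.0", "ISC", "MPL-2.0"}
DENIED = {"GPL-2.0-only", "GPL-3.0-only", "AGPL-3.0-only", "SSPL-1.0"}


def component_licenses(component):
    """Return the SPDX expressions declared for one CycloneDX component.

    CycloneDX allows either a full {"expression": ...} or a
    {"license": {"id": ...}} / {"license": {"name": ...}} entry.
    """
    exprs = []
    for entry in component.get("licenses", []):
        if "expression" in entry:
            exprs.append(entry["expression"])
        elif "license" in entry:
            lic = entry["license"]
            exprs.append(lic.get("id") or lic.get("name", ""))
    return [e for e in exprs if e]


def expression_allowed(expr):
    """Evaluate a flat SPDX expression ('A OR B', 'A AND B') against policy.

    Nesting is not supported (an assumption that covers most real manifests).
    An OR needs at least one acceptable branch; an AND needs every branch
    acceptable. A bare identifier must be explicitly allowed and not denied.
    """
    expr = expr.strip().strip("()")
    if " OR " in expr:
        return any(expression_allowed(p) for p in expr.split(" OR "))
    if " AND " in expr:
        return all(expression_allowed(p) for p in expr.split(" AND "))
    return expr in ALLOWED and expr not in DENIED


def find_violations(sbom):
    """Return [(component ref, reason)] for everything that must block release."""
    violations = []
    for comp in sbom.get("components", []):
        ref = comp.get("purl") or comp.get("name", "<unnamed>")
        exprs = component_licenses(comp)
        if not exprs:
            # Missing metadata is a finding, not a pass: it is exactly the
            # case a manual review would miss.
            violations.append((ref, "no license declared"))
            continue
        for expr in exprs:
            if not expression_allowed(expr):
                violations.append((ref, f"license not approved: {expr}"))
    return violations


def release_allowed(sbom):
    """True only when no component trips the policy."""
    return not find_violations(sbom)


# Constructed sample SBOM (hypothetical packages) exercising each branch:
# approved, denied, dual-licensed with an approved option, AND-combined
# with a denied part, and a component with no license metadata at all.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"name": "requests", "purl": "pkg:pypi/requests@2.31.0",
         "licenses": [{"license": {"id": "Apache-2.0"}}]},
        {"name": "somecopyleft", "purl": "pkg:pypi/somecopyleft@1.0.0",
         "licenses": [{"license": {"id": "GPL-3.0-only"}}]},
        {"name": "dualchoice", "purl": "pkg:npm/dualchoice@2.0.0",
         "licenses": [{"expression": "(MIT OR GPL-2.0-only)"}]},
        {"name": "bundle", "purl": "pkg:npm/bundle@0.1.0",
         "licenses": [{"expression": "MIT AND AGPL-3.0-only"}]},
        {"name": "mystery", "purl": "pkg:pypi/mystery@0.0.1"},
    ],
}

if __name__ == "__main__":
    import sys
    for ref, reason in find_violations(SAMPLE_SBOM):
        print(f"BLOCK {ref}: {reason}")
    # Non-zero exit is what makes the CI stage, and therefore the release, fail.
    sys.exit(0 if release_allowed(SAMPLE_SBOM) else 1)
```

Wired into a pipeline, the same `find_violations` output doubles as the per-dependency license list a buyer's due-diligence audit asks for: every component is accounted for, and the ones with missing or unapproved metadata are listed rather than silently skipped.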