Has anyone reading this ever worked at a place that had something like this (and was more than a paper illusion)? I think you're being overly optimistic about big companies' IT practices.
IME, many big companies are so change-averse that an event like this is mostly irrelevant to their projects. Even if the external developer who was previously maintaining the library were still maintaining it, the project the big company is shipping would still be like 2-3 major versions behind with no immediate plans to upgrade.
Having access to the source and the legal ability to modify it without releasing rights to their own IP is the only issue I've really seen big companies be wary about when it comes to using external libraries, and practically speaking that's probably all they should be worried about.
Working at a large pharmaceutical, I can assure you this is real. There's a governance structure that rivals the size and budget of a medium-sized business's entire software team.