Although many companies are familiar with the "copyleft" aspects of licenses like the GPL, they are often unaware that most open source packages include multiple dependencies and bundled components that often have different licenses. An open source package with a "liberal" license may include bundled components licensed under the GPL or other more restrictive licenses. Open source licenses can also conflict with each other, creating legal issues that must be addressed. Without a comprehensive understanding of every license associated with the open source packages used in the enterprise, organizations may be at risk of violating the legal obligations of one or more licenses.
These risks exist even for companies that do not typically sell or distribute software. Incidental distribution — such as providing partners, customers, or even consultants with internal applications based on open source — may create obligations on licenses.
It's a sponsor read, but brings out a lot of things that some may not be aware of.