Ask an Engineering Team Lead: Should I care about licenses on packages?

It’s really important. Using software, even open source, in your work with the wrong license is a legal problem. Our company has a legal team and they have to approve software we use due to potential legal issues we could introduce, which could put the company at risk.

The reason why it’s probably not a big deal for some could come down to:

  • Lack of awareness of what the licenses mean

  • Lack of time to dig into all of the licenses, especially npm stuff where you could have a huge dependency tree

  • Lack of legal support to know what to do

  • The likelihood of getting into legal trouble is pretty low for your typical open source package