> Specifically, if I were corporate counsel at a company looking to use MIT-licensed code in a product of ours, and our due diligence uncovered that just such a thing had happened, I would advise against using that code.
I get that corporate counsel is extremely conservative (do you practice in this area?) and often insensitive to the costs of following their advice (as opposed to the costs of not following it) and you may well be right that this is what they would advise if asked explicitly. But I don't think the end result is good advice for an engineer.
> The risk—that is, likelihood multiplied by the magnitude of the severity of the consequences—of being compelled to license our software under the GPL would be far too high.
I think you're overestimating both likelihood and severity. Likelihood -- I mean, your internal hash table is never going to see GPL enforcement action. Severity -- the least expensive path to remediation is unlikely to be GPL'ing your software. You could replace the component, for example.
I get that corporate counsel is extremely conservative (do you practice in this area?) and often insensitive to the costs of following their advice (as opposed to the costs of not following it) and you may well be right that this is what they would advise if asked explicitly. But I don't think the end result is good advice for an engineer.
> The risk—that is, likelihood multiplied by the magnitude of the severity of the consequences—of being compelled to license our software under the GPL would be far too high.
I think you're overestimating both likelihood and severity. Likelihood -- I mean, your internal hash table is never going to see GPL enforcement action. Severity -- the least expensive path to remediation is unlikely to be GPL'ing your software. You could replace the component, for example.
I appreciate the discussion, by the way. Thanks!