How do people find out or know whether your repo which is having MIT or apache or AGPL license is being used by a corpo and profiting from it and not making the code open source or paying license fees?
You don’t.
Unless it is publicised or an obvious bug exists in your code and you see the consequences of it in their system.
My takeaway from that is that I should start putting canary bugs in my code 😆
I think cartographers also used to put fake things on their maps to detect unauthorized copies.