Coldcard also built on many open source libraries (not just Trezor's) when they designed their product. For them to start whining about people building up their open source library is just pure hypocrisy.
Are they even allowed to change from GPL to MIT license?
If they're building on other GPL software, they have to keep the same license for their own software:
GNU General Public License (GPL): The GPL is one of the most well-known open source licenses. It is considered a restrictive license, as it requires that any changes made to the code must be released under the same GPL license, and any software that uses the code must also be released under the same GPL license. Additionally, if a user distributes the software, they must also provide the source code and any changes they made to it.
I think that's true, but the ColdCard offers more features than any other hardware wallet I've used. I'm no expert on the code, the licensing, or where the code originated, but having included features like (for example,) Bip85 (deterministic seed phrases that are backed up by the primary seed, which is a pretty slick feature,) could justify changing the licensing due to those features. If nvK wants to protect his intellectual property by protecting unique snippets, I don't see a problem with it as long as it's available to the public for scrutiny.