he went to work for a company we were a vendor for
Sounds like he's getting paid to work on the same thing by a slightly different stakeholder.
I'd happily pay $$$$$$ to hire someone with commit access to Cloudflare, AWS or Google's codebase who could fix the goddamn bugs, let alone add new features.
> Sounds like he's getting paid to work on the same thing by a slightly different stakeholder.
This honestly sounds like the sort of thing I'd sit down with the employee, their new employer, and various "Compliance Team" members, and firm up a bit.
Sounds good for everyone.
We get our bugs fixed, $vendor gets to say "Well we have this thing that was developed in-house for BoshNet, that might solve your problem too, it's going to cost you <some comical amount>", and everyone's happy.
Never happy is a bit of an exaggeration. SYSV UNIX had all of these risks
and various legal departments went through them as they do regularly for more typical types of research.
That’s the “firming up” bit. You have a contract that deems the code “work for hire” even though the money flow is wonky. Legally the guy is like any 1099.
