In the Netherlands the law is pretty straigtforward that this is a bad idea:
> The "Nature of Employment" Rule: If you are hired as a software developer, almost any software you create (even in your own time) can be claimed by your employer.
We always advise our employees to request an exception for it. We are pretty relaxed about it, but we don't give out a blanket exception
The second example given (extracting information from a web view) is also weird. The rust code has the exact same flaw as the java code, which is that they do not validate the source. I think the author didn't really understand the underlying problem here. Bounds checking was not the issue with the java (android) code
From what I understand, they only have to review/audit the times a gem was yanked, to see if it was a legitimate action. I reckon there is a lot less occurrences
if your manager is ok with it, don't register it as a sick day. Makes it potentially more complicated with the company doctor. Just consider it a workday spend on ...whatever. Manager being ok with it means you deserved it though :) (EU based engineering manager speaking)
We are using Clickhouse combined with GDPR's Data Deletion Requests. We store the user-ids in a separate system, and run the ALTER/DELETE statements once per week. Works pretty smooth, though I would prefer some more automation within Clickhouse for them.
Data for in-active users gets deleted because our clickhouse retention policy is lower than the in-active-user timeout