Also, considering the owner of the repository considers the Chinese state a dictatorship, it's pretty fair to assume "calling the Chinese police on him" doesn't mean anywhere near the same as it means calling the police in Europe or America. This is clearly the worst kind of threat you can make to this developer.
You seem to be giving all the possible benefit of the doubt to the company while giving less than none to the repository owner, even when they provided information about how what they're doing is not breaking the law, and provided a proper way to solve the issue, DMCA. At the same time, the company hasn't provided much.
I don't see why anyone should assume that the company knows anything more than that but is still resorting to threats instead of solving this the easy way.
The accusations don't have a leg to stand on, otherwise a simple DMCA would have solved the issue, period.
EDIT: Also, I don't see how this conversation can continue. If you don't see a problem with calling the CCP police on someone whose only personal information we know is that he's anti-CCP, then I don't think we have enough ethical common ground to even continue this discussion.
However I would still encourage open source authors to be educated on Chinese law and to avoid telling Chinese citizens to do things that could potentially get them arrested in China. If there is a real legal threat there it's irresponsible to ignore it. So in the end it's probably good that it was posted on Github.
Edit to respond to your edit: That's not my view. The issue is that the police have already been called by a different party. (or the equivalent of it, i.e. the company is contractually obligated to contact the government in the event of a violation, under threat of legal action from that government) The email appears to just be informing them of that fact. In my view, that is the only responsible thing to do. The only other option is to just not inform them, and have the police show up anyway.
