dalibo / data2pg

Multiple security issues

gquere opened this issue · comments

This software is riddled with vulnerabilities and shouldn't be used anywhere:

  • no authentication
  • leaks credentials of remote or local db in editDb
  • remote code execution in doNewRun

Please add a warning in README or fix these issues.

Hello,

This project is used in isolated environments for migration purposes in alpha development status.

What you point out is indeed problematic when used in an "open" environment: this project is generally used in a closed environment as part of a migration project.

As far as good practices for reporting security problems are concerned, it's best to do so privately, to give the developer time to correct the problem before publication.

We are currently considering the next steps in the project. We're probably going to archive it and stop development. Indeed, our migration team is moving to another methodology and project.

As this is an open source project, don't hesitate to contribute with a PR to correct the reported problem ;) .

Best regards,