Some magic happened about situation talked in earlier rant at below link.

https://devrant.com/rants/2910513/...

Now magically even before I inform about this situation directly to the client, now after 8 years they used some proprietary static code analyzer on latest app source & found out around 200+ security issues which covers most pain points I told in the above rant.

I also found out that there is a list of 100+ vulnerabilities documented in client doc repo, which were pending since around 5-6 years.

Now I have to work along my junior to fix these both kind of issues.

Suddenly dull maintenance project became much challenging & interesting. :-)