kibit
Kibit evaluates and runs code it parses with no option to disable it
Trying out kibit, I found out that it executes some of my code in my projects if, for instance, there is a form inside my code such as
#=(println "POC")
This happens because it is using clojure.tools.reader/read, which is an unsafe way of reading edn code.
I tried fixing this by changing it to use clojure.tools.reader.edn, but then some tests do not work and some weird behaviour occurs.
I think it is important to put a warning in the readme which says that running kibit on unverified code may execute code on the machine running it. In addition, an option for safely checking the code should be added, in case someone wants to put kibit in their CI/CD pipeline in a secure way.
I'd take a docs patch for this at a minimum. I suspect that clojure.tools.reader.edn isn't going to do what we want, but would be open to suggestions if people can find a safe way to read the code.
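The following is an added example, not code from kibit or from either participant in this issue. It reproduces the behaviour described above (a `#=` form in source text being evaluated while the source is merely read) and then reads the same text with read-time evaluation switched off. It assumes org.clojure/tools.reader is on the classpath and that the version in use exposes the dynamic var `clojure.tools.reader/*read-eval*`; the sample source string is constructed for the demonstration.

```clojure
;; Added example (not kibit's code): why reading untrusted source with
;; clojure.tools.reader/read can run code, and how to read the same text with
;; evaluation disabled. Assumes org.clojure/tools.reader on the classpath.
(ns readeval-demo
  (:require [clojure.tools.reader :as r]
            [clojure.tools.reader.reader-types :as rt]))

;; Constructed sample: the kind of text a linter reads from a project file.
;; The #= dispatch asks the reader to evaluate the form at read time.
(def untrusted-src "(defn f [x] (+ x #=(println \"POC\")))")

(defn read-all-forms
  "Read every top-level form from src with *read-eval* bound to read-eval?.
   Returns a vector of forms."
  [src read-eval?]
  (binding [r/*read-eval* read-eval?]   ; assumption: var present in this tools.reader version
    (let [rdr (rt/indexing-push-back-reader src)]
      (loop [forms []]
        (let [form (r/read {:eof ::eof} rdr)]
          (if (= form ::eof)
            forms
            (recur (conj forms form))))))))

(defn read-untrusted
  "Read source with read-time evaluation disabled. A #= form makes the reader
   throw instead of evaluating, so the caller gets {:error ...} rather than a
   side effect on the machine running the linter."
  [src]
  (try
    {:forms (read-all-forms src false)}
    (catch Exception e
      {:error (.getMessage e)})))

;; Default behaviour (*read-eval* true): parsing alone prints "POC".
(read-all-forms untrusted-src true)

;; Hardened behaviour: the #= form is rejected before anything is evaluated.
(read-untrusted untrusted-src)
```

This keeps the full Clojure reader (reader conditionals, syntax-quote, and so on) rather than switching to the edn reader, which is why it avoids the test breakage the issue author saw with clojure.tools.reader.edn; the trade-off is that any source legitimately relying on `#=` is reported as an error instead of being linted.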