I'm currently looking at metadata solutions for Microsoft SQL Server 2016. I'm interested in using Schemaspy. I think it looks like a great free way to document metadata, but I'm worried that it may not be secure for use in a company with sensitive data.
Question: Is Schemaspy secure to use? Can it be used as a loophole to hack into servers?
Thank you very much in advance!
SchemaSpy is solution that can be used with sensitive and confidential data.
Application code itself is not reading the database data but database structure and metadata from jdbc driver.
SchemaSpy is run as local program and everything what application is generating happen only on your computer and stay there.
In the code base we are not using any external servers or web services in the process of generating and preparing database documentation.
You can look on generated example by SchemaSpy: http://schemaspy.org/sample/index.html