This documentation is archived and is not being maintained.

Using source control for stored procedures exposes your database to security risks.

On first use of a database for source control of stored procedures, this message warns you that there are associated security risks for your database. Users must be system administrators (the SYSADMIN security role) to execute any of the source control commands for stored procedures.

The security risk is that users who are granted SYSADMIN permission in order to use source control for stored procedures also have permission to alter the database or its host environment in unexpected ways.

As a general rule, you should allow source control for stored procedures only on test or developer workstations and never in a production environment.