KytheraDB -- Features

Complete feature reference for KytheraDB. Each feature includes its description, the problem it solves, key capabilities, plan availability, and related features.

Schema Explorer and Graph Viewer
Data Explorer (CRUD)
SQL Console
Mass Patch
Bridge / Data Transfer
Anonymization
Seed Studio
Validation and QA
Performance Monitoring
Preflight Guard
RGPD/Compliance
Import/Export
SQL Console Features (Terminal v2)
Configuration Center
Governance
Multi-DB Support
Authentication and Billing
Smart Synthetic Data
Custom References

1. Schema Explorer and Graph Viewer

Description: Real-time database introspection that displays every table, column, type, constraint, index, and foreign key in your database. The graph viewer renders table relationships as an interactive directed graph.

Problem it solves: Developers spend significant time reading migration files, ERD tools, or running manual queries to understand database structure. Schema Explorer gives instant, always up-to-date visibility without leaving the platform.

Key capabilities:

Full schema introspection (tables, columns, types, nullability, defaults, primary keys, foreign keys, indexes, unique constraints)
Interactive graph visualization powered by Cytoscape.js with dagre layout
Focus mode: select a table to see only its direct relationships
Dependency ordering (topological sort for insert/delete order)
Schema snapshot history with diff comparison
Health audit: detect missing PKs, orphan tables, naming inconsistencies
Domain classification: automatic detection of table roles (reference, transactional, audit, join)
Table detail panel with column metadata, constraints, and annotations
Migration script generation from schema changes

Plan availability:

Capability	Starter	Pro	Enterprise
Schema Explorer	Yes	Yes	Yes
Graph Viewer	Yes	Yes	Yes
Health Audit	No	Yes	Yes
Migration Generator	No	No	Yes

Related features: Data Explorer, Profiling, Validation

2. Data Explorer (CRUD)

Description: A full-featured data browser and editor that lets you view, create, update, and delete records in any table. Includes dynamic form generation, foreign key resolution with dropdown lookups, pagination, sorting, filtering, and 360-degree entity views showing all related records.

Problem it solves: Switching between database clients, writing ad-hoc queries to inspect data, and manually constructing INSERT/UPDATE statements is error-prone and slow. Data Explorer provides a safe, visual interface for everyday data operations.

Key capabilities:

Paginated data table with sortable columns
Dynamic form schema generation based on column types
Foreign key resolution: dropdown selectors populated from referenced tables
360-degree entity view: see a record and all records referencing it across other tables
Record creation with type validation
Inline record editing
Record deletion with confirmation
Read-only mode for Starter plan

Plan availability:

Capability	Starter	Pro	Enterprise
Read-only access	Yes	Yes	Yes
Write access	No	Yes	Yes

Related features: Schema Explorer, SQL Console, Import/Export

3. SQL Console

Description: An intelligent SQL execution environment with CodeMirror 6 editor, real-time autocomplete, SQL analysis with risk detection, guard rail enforcement, and query preview. Supports SELECT, INSERT, UPDATE, DELETE, and DDL statements with plan-based permissions.

Problem it solves: Running SQL directly against a database is risky without visibility into what the query will affect. The SQL Console analyzes queries before execution, warns about destructive operations, and enforces guard rails to prevent accidental damage.

Key capabilities:

CodeMirror 6 editor with SQL syntax highlighting
Schema-aware autocomplete (table names, column names)
SQL analysis: parse queries with sqlglot, detect statement types, estimate affected rows
Guard rail enforcement: block or warn on destructive operations based on project configuration
Query preview: see affected rows before executing
EXPLAIN plan visualization
Read-only mode for Starter plan, full write access for Pro and Enterprise
Multi-tab support with independent editor state
Detachable terminal: pop out into a separate browser window
Pill/overlay/terminal layout modes

Plan availability:

Capability	Starter	Pro	Enterprise
Read-only SQL	Yes	Yes	Yes
Write SQL	No	Yes	Yes

Related features: Preflight Guard, Mass Patch, Performance Monitoring

4. Mass Patch

Description: A controlled workflow for executing large-scale data modifications across your database. Every patch goes through a mandatory pipeline: creation, guard rail validation, dry-run simulation, approval, execution with automatic snapshots, and optional rollback.

Problem it solves: Mass UPDATE or DELETE operations on production data are high-risk. Without dry-run, snapshots, and rollback, a single mistake can cause irreversible data loss. Mass Patch ensures every bulk operation is auditable, reversible, and validated before execution.

Key capabilities:

Patch creation with SQL (free-form or template-generated)
SQL analysis: parse and validate SQL, detect statement types and affected tables
Guard rail validation: check against project-wide policies (max affected rows, blocked patterns, required WHERE clauses)
Dry-run simulation: execute in a transaction, capture before/after snapshots, then rollback
Diff viewer: compare before/after state of affected rows
Automatic snapshot before execution for rollback
Batch execution with progress tracking via SSE streaming
Rollback: restore data from pre-execution snapshot
Approval workflow with status tracking (draft, dry_run_ok, approved, executing, done, rolled_back)
Export to SQL or Liquibase XML changeset format
Duplicate patches for iterative refinement
Template builder for common operations (update column, delete where, nullify)

Plan availability:

Capability	Starter	Pro	Enterprise
Mass Patch	No	Yes	Yes

Related features: SQL Console, Preflight Guard, Configuration Center (guard rails)

5. Bridge / Data Transfer

Description: Transfer data between two database connections within the same project. Handles schema differences, FK ordering, conflict resolution, and optional anonymization during transfer.

Problem it solves: Moving data between environments (dev, staging, production) typically requires manual SQL dumps, careful ordering of inserts to respect foreign keys, and handling conflicts when target tables already contain data. Bridge automates the entire process.

Key capabilities:

Validate source and target connections before transfer
Preview: compare row counts and detect differences between source and target
Missing tables detection with automatic structure cloning (CREATE TABLE)
FK-ordered insert: topological sort ensures parent records are inserted before children
Conflict strategies: skip existing, overwrite, or merge
Hash-based change detection: compute row hashes to identify actually changed records
Transfer history tracking
Optional anonymization during transfer (Enterprise only)

Plan availability:

Capability	Starter	Pro	Enterprise
Bridge	No	Yes	Yes
Bridge + Anonymize	No	No	Yes

Related features: Anonymization, Schema Explorer, Import/Export

6. Anonymization

Description: Hash-aware data anonymization that replaces sensitive column values with fake, hashed, masked, nullified, or fixed values. Supports in-place anonymization and copy-to-target mode for creating anonymized database copies.

Problem it solves: Development and QA teams need realistic data but cannot use production data containing PII. Manual anonymization is inconsistent and error-prone. Auralith provides deterministic, hash-aware anonymization that preserves referential integrity.

Key capabilities:

Configurable anonymization strategies per column:
- fake: generate realistic fake data using Faker (names, emails, addresses, etc.)
- hash: deterministic SHA-256 hash (preserves consistency across tables)
- mask: partial masking (e.g., john@email.com becomes j***@e***.com)
- null: set to NULL
- fixed: replace with a constant value
Hash-aware: detect already-hashed columns to avoid double-anonymization
Preview mode: see anonymized output before applying
In-place anonymization: modify data directly in the source database
Copy mode (Enterprise): anonymize while transferring to a different connection
Configuration persistence: save and reuse anonymization configs per project
Bulk anonymization across multiple tables

Plan availability:

Capability	Starter	Pro	Enterprise
In-place anonymization	No	Yes	Yes
Copy mode	No	No	Yes

Related features: Bridge, RGPD/Compliance, Export (anonymized)

7. Seed Studio

Description: Generate test data for your database using three modes: standard seeding (random rows per table), entity-aware seeding (respects FK relationships and insert order), and QA templates (predefined scenarios for repeatable test data).

Problem it solves: Creating realistic test data that respects foreign keys, unique constraints, and business rules is tedious and error-prone. Seed Studio automates this with smart defaults, FK-aware planning, and reusable QA templates.

Key capabilities:

Standard seeding: generate N rows for a selected table with type-aware random values
Entity seeding: analyze FK graph, build a seed plan that inserts parent tables first, respect unique constraints
QA Templates: define reusable seed scenarios with specific data patterns, save as templates, run on demand
Seed plan viewer: visualize the execution order and row counts per table
Seed preview: see generated data before inserting
Seed history: track all seed operations with timestamps, row counts, and template references
Template library: browse, create, edit, duplicate, and delete QA templates
Dry-run mode: preview generated rows without inserting
Scenario runner with labeled runs for easy identification

Plan availability:

Capability	Starter	Pro	Enterprise
Standard seeding	Yes	Yes	Yes
Entity seeding	No	Yes	Yes
QA Templates	No	Yes	Yes
SQL seeding	No	No	Yes

Related features: Schema Explorer (FK graph), Validation (verify seeded data)

8. Validation and QA

Description: Define validation rules on your database columns and tables, run scans to detect violations, and track data quality over time through a dashboard with trend visualization.

Problem it solves: Data quality issues (nulls in required fields, invalid formats, broken references, out-of-range values) often go undetected until they cause application bugs. Validation and QA provides continuous monitoring and alerting for data integrity.

Key capabilities:

Rule types: not_null, regex, unique, range, enum, custom_sql, foreign_key, length
Rule categories: column, table, cross_table
Scope filtering: apply rules to specific schemas or table patterns
Environment tags: activate rules only in certain environments (dev, staging, production)
Regex library: pre-built patterns for emails, phones, URLs, UUIDs, etc.
Regex tester: validate regex patterns against sample data
Scan execution: run all rules against the database, capture violations
Scan runs history with comparison between runs
Validation dashboard: violation counts, trends, severity distribution
Auto-suggest: analyze column data to recommend appropriate rules

Plan availability:

Capability	Starter	Pro	Enterprise
Validation	No	Yes (5 rules max)	Yes (unlimited)

Related features: Seed Studio, Data Explorer, RGPD/Compliance

9. Performance Monitoring

Description: Monitor database performance by analyzing slow queries captured by pg_stat_statements, computing criticality scores, running EXPLAIN analysis, and generating index recommendations.

Problem it solves: Slow queries degrade application performance but are often invisible to developers. Performance Monitoring surfaces the most impactful queries, explains why they are slow, and recommends concrete index changes.

Key capabilities:

Integration with PostgreSQL pg_stat_statements extension
Slow query identification with configurable thresholds
Criticality scoring: combine execution time, call frequency, and row impact
Schema-scoped analysis: filter by PostgreSQL schema
Table statistics: row counts, dead tuples, sequential vs. index scans
EXPLAIN analysis: run EXPLAIN ANALYZE on any query
Index recommendations: suggest missing indexes based on query patterns and table statistics
Dashboard with top slow queries, table health, and aggregate metrics
Pre-flight check: verify pg_stat_statements is properly configured

Plan availability:

Capability	Starter	Pro	Enterprise
Performance Monitoring	No	No	Yes

Related features: SQL Console, Preflight Guard

10. Preflight Guard

Description: A decision-flow engine that analyzes SQL statements before execution. It evaluates risk level based on statement type, affected tables, WHERE clause presence, row estimates, and environment context, then returns a proceed/warn/block recommendation.

Problem it solves: Executing SQL without understanding its impact leads to accidental data loss or corruption. Preflight Guard acts as an automated code review for SQL, catching dangerous operations before they reach the database.

Key capabilities:

Multi-database adapter architecture (PostgreSQL, MySQL, SQLite)
Statement type detection: SELECT, INSERT, UPDATE, DELETE, DROP, TRUNCATE, ALTER, CREATE
Risk level classification: safe, low, medium, high, critical
Decision flow: proceed, warn (with confirmation), block (prevents execution)
Environment-aware analysis: stricter rules for production connections
Row estimation: EXPLAIN-based row count prediction
WHERE clause analysis: flag UPDATE/DELETE without WHERE
Batch analysis: analyze multiple statements in one request
Analysis history: track all preflight checks per project
Statistics: aggregate risk distribution over time

Plan availability:

Capability	Starter	Pro	Enterprise
Preflight Guard	No	No	Yes

Related features: SQL Console, Mass Patch, Configuration Center

11. RGPD/Compliance

Description: A multi-regulation scanner that analyzes database schemas to detect columns likely containing personally identifiable information (PII) or regulated data. Supports GDPR, HIPAA, PCI-DSS, SOX, and other regulatory frameworks.

Problem it solves: Identifying which columns contain sensitive data across dozens or hundreds of tables is a manual, error-prone process. The compliance scanner automates detection using column name patterns, data type heuristics, and regulation-specific rules.

Key capabilities:

Multi-regulation support: GDPR, HIPAA, PCI-DSS, SOX, and extensible registry
Column-level sensitivity detection based on naming patterns and data types
Risk severity classification per detected column
Regulation-specific recommendations
Scan results with table/column/regulation mapping
Available regulations endpoint for frontend configuration

Plan availability:

Capability	Starter	Pro	Enterprise
GDPR Scanner	No	Yes (5 regulations max)	Yes (unlimited)

Related features: Anonymization, Export (anonymized), Configuration Center

12. Import/Export

Description: Import data from CSV and SQL files into your database, and export data in multiple formats including CSV, SQL, Markdown documentation, HTML documentation, and anonymized variants.

Problem it solves: Moving data in and out of databases requires format conversion, schema validation, and careful handling of encoding and delimiters. Import/Export handles all of this with validation steps before execution.

Key capabilities:

CSV Import: upload CSV files, validate columns against table schema, preview data, execute insert
SQL Import: upload SQL files, validate syntax, execute statements
Bulk Import: import multiple CSV files at once, one per table
CSV Export: export single table or full database to CSV
SQL Export: export full database as INSERT statements
Schema SQL Export: export DDL only (CREATE TABLE statements)
Anonymized Export: export with anonymization applied (Enterprise)
Markdown Documentation: export schema as Markdown reference
HTML Documentation: export schema as styled HTML (Enterprise)

Plan availability:

Capability	Starter	Pro	Enterprise
CSV Export	Yes	Yes	Yes
SQL Export	No	Yes	Yes
Anonymized Export	No	No	Yes
Markdown Doc	No	Yes	Yes
HTML Doc	No	No	Yes
CSV Import	No	Yes	Yes
SQL Import	No	No	Yes
Bulk Import	No	No	Yes

Related features: Anonymization, Bridge, Schema Explorer

13. SQL Console Features (Terminal v2)

Description: The SQL Console terminal is a rich editing environment built on CodeMirror 6 with multiple layout modes and advanced IDE-like features.

Problem it solves: Basic SQL text areas lack the productivity features developers expect from modern code editors. Terminal v2 provides a professional-grade SQL editing experience directly in the browser.

Key capabilities:

Syntax highlighting: full SQL grammar highlighting with CodeMirror lang-sql
Autocomplete: schema-aware completions for table names, column names, SQL keywords
SQL lint: real-time error detection and suggestions
Multi-tab: multiple independent SQL editors open simultaneously
Detachable terminal: pop the SQL console into a separate browser window for dual-monitor setups
Layout modes: pill (compact inline), overlay (floating panel), terminal (full-width bottom panel), detached (separate window)
One Dark theme: consistent dark mode styling matching the application design
Query execution: run queries directly from the editor with keyboard shortcuts
Result display: tabular results with pagination and column sorting

Plan availability: Available on all plans (read-only on Starter, full write on Pro and Enterprise).

Related features: SQL Console, Mass Patch, Preflight Guard

14. Configuration Center

Description: Project-level configuration hub for managing data type mappings, guard rail policies, environment definitions, and security settings.

Problem it solves: Different projects have different requirements for what constitutes a dangerous operation, which environments exist, and how security should be enforced. The Configuration Center centralizes these settings per project.

Key capabilities:

Data type configuration: define custom type mappings and display preferences
Guard rails: configure policies that block or warn on specific SQL patterns, row count thresholds, and statement types
Environment management: define environment tags (dev, staging, production) with risk levels
Security settings: configure access controls, allowed operations, and audit requirements
Per-project configuration persistence
Configuration accessible by admin role only

Plan availability: Available on all plans.

Related features: Mass Patch (guard rails), Preflight Guard (environment awareness), Governance

15. Governance

Description: Enterprise-grade governance dashboard for DSI (IT directors) providing a bird's-eye view of all teams, projects, users, and activity across the platform. Includes team management, project permissions, audit trail, session management, and user blocking.

Problem it solves: In organizations with multiple teams and projects, IT leadership needs visibility into who is doing what, the ability to manage access centrally, and an audit trail for compliance. Governance provides all of this from a super_admin perspective.

Key capabilities:

DSI Dashboard: aggregate metrics across all projects, teams, users, and activity
Team management: create, view, and delete teams; manage team members and roles
Project overview: see all projects with their connections, team assignments, and activity
Project detail: deep dive into a specific project's audit log, connections, and configuration
Audit trail: searchable, filterable log of all actions across the platform with CSV export
Alert system: detect anomalies (high-risk operations, unusual activity patterns)
Session management: view active sessions, force-logout users
User management: list all users with their plans, roles, activity; block/unblock users
Project permissions: grant per-project access (READ, WRITE, EXECUTE, PATCH, ADMIN) to specific users
Deleted projects tracking: view audit trail for projects that have been removed

Plan availability: Governance is accessible only to super_admin users and is an Enterprise-level feature.

Related features: Teams, Configuration Center, Audit Trail

16. Multi-DB Support

Description: KytheraDB supports connecting to and managing multiple database engines through a unified connector architecture. Each engine has its own introspection adapter, SQL dialect handling, and capability set.

Problem it solves: Teams often work with multiple database technologies. Rather than requiring separate tools for each engine, Auralith provides a consistent interface across all supported databases.

Key capabilities:

PostgreSQL: full support including pg_stat_statements, EXPLAIN ANALYZE, schemas, advanced types
MySQL / MariaDB: schema introspection, CRUD, seeding, export, bridge
SQLite: file-based database support for local development and testing
SQL Server (Enterprise): Microsoft SQL Server connectivity
Oracle (Enterprise): Oracle Database connectivity
Unified connector interface: all engines expose the same introspection and execution API
SSH tunnel support: connect to databases behind firewalls via SSH
Connection encryption: credentials stored with Fernet symmetric encryption
Per-connection environment tagging (dev, staging, production)

Plan availability:

Engine	Starter	Pro	Enterprise
PostgreSQL	Yes	Yes	Yes
MySQL / MariaDB	No	Yes	Yes
SQLite	No	Yes	Yes
SQL Server	No	No	Yes
Oracle	No	No	Yes

Related features: Schema Explorer, Bridge, Connection Management

17. Authentication and Billing

Description: Complete user authentication with email verification, password reset, Stripe-powered billing with inline payment (no redirect), and subscription management.

Registration:

Two account types: Particulier (individual) and Entreprise (company with SIRET)
Email verification via Mailpit (dev) / SMTP (prod)
Pydantic EmailStr validation on backend

Authentication:

JWT tokens (24h expiry), Argon2 password hashing
Email verification required before login
Password reset via email with expiring tokens
Rate limiting: 5 requests/minute on login, register, forgot-password, resend-verification

Billing:

Stripe Elements inline payment (no redirect to Stripe Checkout)
Plans: Starter (free), Pro (29/mo), Enterprise (99/mo) with annual -20%
Subscription lifecycle: create, sync, cancel at period end
Invoice history with PDF download from Stripe
Automatic plan update after payment confirmation via /billing/sync

Plan availability: All plans

Related features: Governance, Configuration Center

18. Smart Synthetic Data

Description: Domain-aware data generation using French datasets and region-based Faker locales. Replaces generic Faker-only generation with localized, realistic data.

Architecture:

DatasetProvider: loads JSON datasets (cities, names, streets, companies) by region
RuleEngine: post-processing coherence (city + postal code matching, phone format)
Faker fallback: for columns not covered by datasets
Region selector: France (datasets + Faker fr_FR), or any other country (Faker only with correct locale)

Datasets included (France):

100 real cities with postal codes, departments, regions (INSEE)
100 common first names, 100 last names
Street types and 50 common street names
Company name patterns (prefixes, suffixes, family names)

Supported regions: France, Belgique, Suisse, Canada, USA, UK, Allemagne, Espagne, Italie

Plan availability: All plans

Related features: Seed Studio, Anonymization

19. Custom References

Description: User-defined reference data lists associated to table columns. Feeds into seed generation, anonymization, validation, and data explorer. Replaces the need for hardcoded Faker types when domain-specific values are needed.

Key capabilities:

Create references tied to table.column with values (manual entry, JSON textarea, file upload)
Auto-detection of enum candidates from schema analysis (confidence scoring, 70%+ threshold)
Confirm detected candidates as references
Import distinct values from the live database
Upload JSON files with drag-and-drop support (max 500 entries per reference)
Reference badge in Configuration (Types de donnees) — disables Faker type select when a reference is linked
Integration with generate-row endpoint — uses references before Faker fallback
Integration with seed engine — DatasetProvider checks references
Search/filter across all references

Data flow:

Detection or manual creation → ReferenceDefinition (confirmed, table.column)
generate-row, seed, anonymization → check ReferenceDefinition for the column → use values
Configuration (Types de donnees) → shows badge, disables manual type override

Plan availability: All plans

Related features: Seed Studio, Anonymization, Validation, Configuration Center

Table of Contents​

1. Schema Explorer and Graph Viewer​

2. Data Explorer (CRUD)​

3. SQL Console​

4. Mass Patch​

5. Bridge / Data Transfer​

6. Anonymization​

7. Seed Studio​

8. Validation and QA​

9. Performance Monitoring​

10. Preflight Guard​

11. RGPD/Compliance​

12. Import/Export​

13. SQL Console Features (Terminal v2)​

14. Configuration Center​

15. Governance​

16. Multi-DB Support​

17. Authentication and Billing​

18. Smart Synthetic Data​

19. Custom References​

Table of Contents

1. Schema Explorer and Graph Viewer

2. Data Explorer (CRUD)

3. SQL Console

4. Mass Patch

5. Bridge / Data Transfer

6. Anonymization

7. Seed Studio

8. Validation and QA

9. Performance Monitoring

10. Preflight Guard

11. RGPD/Compliance

12. Import/Export

13. SQL Console Features (Terminal v2)

14. Configuration Center

15. Governance

16. Multi-DB Support

17. Authentication and Billing

18. Smart Synthetic Data

19. Custom References