You can use the QL command-line tools to analyze code using the Semmle Core analysis platform. For each software project that you analyze, the command-line tools generate a relational database that represents your whole code base. This database includes an entry on every language construct that is present in the project. You run queries, written in QL, against your database, and alerts are generated that highlight errors, identify potential security issues and calculate project metrics. You can also write your own custom queries to explore issues and generate alerts that are specific to your project. To aid your code review process, you can incorporate the results of your analysis into your own debugging infrastructure. You can also integrate results into your software development processes if this is included in your license. If you are using a license that restricts integration, contact Semmle for further information.
Find out more