odasa). For information about the new CodeQL CLI, that was released with Semmle 1.23, see https://help.semmle.com/codeql/.
You can use the QL command-line tools to analyze code using the Semmle Core analysis platform. For each software project that you analyze, the command-line tools generate a relational database that represents your whole code base. This database includes an entry on every language construct that is present in the project. You run queries, written in QL, against your database, and alerts are generated that highlight errors, identify potential security issues and calculate project metrics. You can also write your own custom queries to explore issues and generate alerts that are specific to your project. To aid your code review process, you can incorporate the results of your analysis into your own debugging infrastructure. You can also integrate results into your software development processes if this is included in your license. If you are using a license that restricts integration and you want to discuss upgrading, contact GitHub Sales and Account Management team.
Find out more
- What does Semmle Core do
- Commonly used concepts
- Getting started - creating a project
- Preparing your code for analysis
- Analyzing your code
- Advanced project creation
- Advanced analysis
- Preparing snapshots to upload to LGTM
- QL tools reference