Hotspots is a command-line tool designed to identify the riskiest code in software repositories. It analyzes codebases to surface functions that are most likely to cause bugs, incidents, or slowdowns, helping developers know which parts of their code to address before issues arise. The tool is compatible with multiple programming languages, including TypeScript, JavaScript, Rust, Go, Python, and Java, and requires no configuration or daemon to run.
With a single command, Hotspots scans a repository and produces a ranked list of functions, each assigned a numeric risk score. This score is based on a combination of cyclomatic complexity and the frequency of code changes (churn history), allowing teams to prioritize their efforts on areas that are both complex and frequently modified. The output highlights critical functions and provides actionable insights that can be used in development sprints.
Hotspots can be integrated into continuous integration (CI) workflows to block complexity regressions. By running the tool in delta mode with a policy flag, CI pipelines can be configured to fail if a pull request introduces new critical functions or increases the risk score of existing ones. This helps maintain code quality and prevent the introduction of problematic code over time.
The tool is available for installation across various platforms, including macOS and Linux, and can be installed using package managers such as Homebrew, npm, pip, and cargo, or via a shell script. Hotspots is offered as a free tool, and its analyses are reproducible locally using the same commands described in its documentation. Analyses are regularly run on open-source repositories, with results made publicly available for review.
hotspots-cli sits in PulseGate's Code review & quality category. It focuses on identifying risky or complex code areas across multiple languages using static analysis and risk scoring. hotspots-cli is an open-source project aimed at software developers. The project is open source (MIT). The product ships for the web and the command line.
It is developed by Stephen Collins, and the product first shipped in 2026. The project is developed in the open on GitHub with 170 commits in the last 90 days. Across PulseGate's embedding index, hotspots-cli has few near neighbours, marking it as relatively distinct. Among its 7 catalogued features are static analysis, Local Risk Score, and multi-language support.
Latest indexed changes and source events
hotspots-cli discovered by the PulseGate indexer
Other apps tracked under the same category.