Public content repository for Hotspots. Stores all posts and supporting assets needed to reproduce any analysis run and report produced by the Hotspots CLI. No build code or workflows live here; automation and site deployment happen in hotspots-cloud.
This README is written for both humans and AI agents. It defines structure, conventions, and the reproducibility contract that every post must follow.
- Source of truth for public content: blog, playbooks, and case studies.
- Contains all metadata and links required to reproduce analyses exactly.
- Keeps shared, reusable assets in a predictable location.
- Accepts automated pull requests from the private
hotspots-cloudcrawler.
blog/
posts/ Markdown posts (one file per analysis)
assets/ Per‑post images (by dated slug)
data/ Machine‑readable summaries (per post)
playbooks/ (optional; mirrors blog/ subfolders)
posts/
assets/
data/
cases/ (optional; mirrors blog/ subfolders)
posts/
assets/
data/
shared/ Reusable, non‑post assets (brand/ui/diagrams/...)
README.md This document
- Post filename:
blog/posts/YYYY-MM-DD-owner-repo.md. - Per‑post assets:
blog/assets/YYYY-MM-DD-owner-repo/(e.g.,cover.png,hotspot-1.png). - Per‑post summary:
blog/data/YYYY-MM-DD-owner-repo.summary.json. - Shared assets: place under
shared/and reference via/shared/...in Markdown.
- Hotspots highlights structural and activity risk, not “bad code”.
- Findings are a prioritization aid, not a bug predictor.
- Maintainers are not being judged; these posts demonstrate the tool.
- Every analysis pins a specific commit SHA.
- Repro steps must be included in each post.
Add a one‑line footer in each post linking back to this policy.
Each post is a Markdown file with required frontmatter followed by a standard body.
---
title: "Hotspots on <Owner>/<Repo>: the 5 functions with the highest activity-weighted risk"
date: "YYYY-MM-DD"
repo: "<owner>/<repo>"
commit: "<full sha>"
language: "<primary language>"
tags: ["oss", "refactoring", "code-health"]
report_html: "https://reports.hotspots.dev/<owner>/<repo>/<sha>/index.html"
report_json: "https://reports.hotspots.dev/<owner>/<repo>/<sha>/snapshot.json"
# Recommended for reproducibility
hotspots_version: "<semver>"
analyzed_at: "<ISO8601>"
clone_depth: 50
---- Short intro: what the project is and why it’s interesting.
- Top 5 hotspots table (function, file, risk).
- Brief commentary on 2–3 notable findings.
- Repro section (must match frontmatter):
git clone https://github.com/<owner>/<repo> cd <repo> git checkout <sha> hotspots analyze - Footer: link to editorial policy and full HTML report.
Every post must allow a reader to reproduce results precisely.
- Pin the exact commit SHA in
commit. - Include
hotspots_version,analyzed_at, andclone_depthwhere available. - Host full outputs on R2 under:
https://reports.hotspots.dev/<owner>/<repo>/<sha>/index.htmlhttps://reports.hotspots.dev/<owner>/<repo>/<sha>/snapshot.json
- Commit a compact
summary.jsonalongside the post for indexing:
{
"owner": "<owner>",
"repo": "<repo>",
"sha": "<full sha>",
"analyzed_at": "<ISO8601>",
"hotspots_version": "<semver>",
"top": [
{ "function": "<symbol>", "file": "<path>", "risk": 9.3 }
]
}- Automated: The private
hotspots-cloudrepo runs a nightly crawler that analyzes a target repo, uploads artifacts to R2, and opens a PR here adding:blog/posts/YYYY-MM-DD-owner-repo.mdblog/data/YYYY-MM-DD-owner-repo.summary.json- Optional per‑post images under
blog/assets/YYYY-MM-DD-owner-repo/
- Manual: Maintainers can open PRs directly following the same conventions.
- Review tone and clarity; ensure the editorial policy is respected.
- Verify links (HTML and JSON on R2) resolve and match the pinned SHA.
- After merge, the public site picks up changes on the next scheduled deploy from
hotspots-cloud.
Use the frontmatter values to reproduce locally:
git clone https://github.com/<owner>/<repo>
cd <repo>
git checkout <sha>
hotspots analyze
Compare your local output to the linked snapshot.json and index.html on R2.
- Put reusable images/graphics under
shared/(e.g.,shared/brand/,shared/ui/). - Reference from posts with
/shared/...absolute paths. - Do not duplicate identical assets under per‑post folders.
---
title: "Hotspots on <Owner>/<Repo>: the 5 functions with the highest activity-weighted risk"
date: "YYYY-MM-DD"
repo: "<owner>/<repo>"
commit: "<full sha>"
language: "<language>"
tags: ["oss", "refactoring", "code-health"]
report_html: "https://reports.hotspots.dev/<owner>/<repo>/<sha>/index.html"
report_json: "https://reports.hotspots.dev/<owner>/<repo>/<sha>/snapshot.json"
hotspots_version: "<semver>"
analyzed_at: "<ISO8601>"
clone_depth: 50
---
Intro paragraph.
| Function | File | Risk |
|---|---|---|
| symbol | path | 0.0 |
Repro:
git clone https://github.com// cd git checkout hotspots analyze
_See editorial policy in the repository README. Full report: <report_html>_
- Create filenames:
DATE=$(date -u +%F)→ slug"$DATE-<owner>-<repo>".
- Write
blog/posts/$DATE-<owner>-<repo>.mdusing the template. - Save
summary.jsontoblog/data/$DATE-<owner>-<repo>.summary.json. - If images are present, place under
blog/assets/$DATE-<owner>-<repo>/. - Run link checks for
report_htmlandreport_json. - Open a PR with title
Add analysis: <owner>/<repo> @ <short_sha>.
- Parse frontmatter; ensure required keys are present and URLs are HTTPS.
- Confirm R2 URLs resolve with HTTP 200.
- Optionally clone the target repo at
commitand runhotspots analyze. - Compare top findings against
blog/data/*.summary.json.
- Why not commit HTML reports here? They are hosted on Cloudflare R2 for fast, static access and to keep this repo small.
- Can I change the schema? Keep frontmatter keys stable. Additive changes are fine; coordinate removals with
hotspots-cloudbefore merging. - Are secrets required? No. Never commit credentials to this public repo.
Unless stated otherwise within a post, content in this repository is © the authors. Do not add third‑party assets without confirming their license permits redistribution.