The File Hotspots Scanner performs lightweight complexity analysis using filesystem metadata only — no parsing of your source. It runs as part of a normal scan and contributes to your DriftScore. This article is for teams that want a fast, low-cost signal about where complexity concentrates.
What it detects
The scanner uses filesystem metadata — such as file sizes and structure — to identify likely hotspots: files that are unusually large or otherwise stand out as candidates for elevated complexity. Because it never reads file contents for this analysis, it is fast and friendly to privacy-sensitive environments.
Why it matters
Complexity is where upgrades go to die. The largest, densest files absorb the most breaking changes, take the longest to review, and harbor the most surprising behavior. You do not always have time for full static analysis, and some environments restrict reading source content. A metadata-only hotspot signal gives you a cheap, always-available first pass at where to focus.
For leaders, hotspots translate abstract "technical debt" into a concrete list of files. For developers, they point review and refactoring energy at the places most likely to bite during an upgrade.
How to act
Scan the project:
vg
Review the hotspot findings and treat the largest files as candidates for decomposition before a major upgrade touches them. A smaller, well-factored module is far easier to migrate than a monolith. Use hotspots to prioritize test coverage too — the riskiest files deserve the strongest tests.
Triage tips
- Refactor or add tests to top hotspots before starting a big dependency migration.
- Re-scan after refactoring to confirm the hotspot has cooled.
- Combine hotspot data with the Code Quality Scanner for a content-aware view when parsing is acceptable.
Related
For deeper, content-aware analysis, see the Code Quality Scanner. To understand a hotspot's blast radius structurally, use Vibgrate Graph via vg impact and vg show. The File Hotspots Scanner's metadata-only design aligns with the principles in the Privacy & Security article.