Home | Jo Programming Language

Skip to content

Appearance

JoFor the joy of secure programming<br>Capabilities are explicit, fine-grained, and enforced by the compiler — not a runtime sandbox.<br>Get Started<br>Language Tour<br>Security Model

main.jo<br>// capabilities are inferred, tracked transitively<br>def fetch() = httpGet("https://api.example.com")<br>def process() = fetch()

def main =<br>// prove: process() uses no capabilities<br>allow none in process()<br>// error: Parameter not allowed: IO.http

Capability-Based Security<br>Code can only access what it declares and is granted. Anything beyond that is rejected as compiling errors.<br>Learn more

Confine Untrusted Code<br>Structurally prevent third-party code, plugins, or generated programs from accessing anything beyond what you explicitly grant.<br>See the problem

Context Parameters<br>Pass capabilities through the call stack implicitly — no boilerplate, no globals, no frameworks.<br>Learn more

Type-Safe by Design<br>No runtime type errors, the compiler catches what other languages let slip through.<br>Design principles

Pattern-Oriented Programming<br>Compose reusable pattern predicates with logical operators. Exhaustive matching — the compiler guarantees no case is missed.<br>Explore patterns

Multiple Backends<br>One language, multiple runtimes. Compile to Python or Ruby with the same type guarantees on every platform.<br>Get started

From the blog ​<br>Introducing Jo — Secure Programming for the AI Era · June 2026<br>Jo is developed and maintained by TypeScope.