xoscript focuses on security. We aim to use decent quantum resistant cryptography, secure random byte generation, memory leak detection and runtime sandboxing to minimize the attack surface. We also provide an OpenBSD distribution so you can run xoscript on the most secure OS in the world.

Overly complex systems are difficult to secure. Therefore, xoscript is very tiny language consisting of no more than 5 grammar rules. Any developer can learn xoscript within minutes. Xoscript features a simplified classless Smalltalk-like syntax. No classes. No factories. No mixins. No interfaces. No lambdas. No types. Just objects.

Xoscript ships with all the necessary features for server-side software development. Request handler, session handler, connector for MariaDB and MySQL, XChaCha20 based encryption with Arc4Random and Argon2 key derivation, constant time comparison (tccompare), CURL, PCRE2 regex. Need more? Connect to any DLL/SO with FFI.

We don't break stuff. Your code will never break. Always backwards compatible. Write once, use forever. If the core changes you can still use your old code with... Program version:.

While most template engines promise clear separation between logic and presentation this is almost never true. Most of the time you see for-loops and ifs in your templates. Our template system is different. Using markers to cut and paste sections, we promise real separation of presentation and logic. Zero logic in your HTML.

xoscript is free and BSD licensed. As long as you keep the copyright notices intact, you can basically do whatever you want with it. No strings attached. Further more we are independent of big companies and strictly apolitical.