{"id":47421214,"url":"https://github.com/b-macker/NAAb","last_synced_at":"2026-04-04T19:00:50.649Z","repository":{"id":339895578,"uuid":"1149154687","full_name":"b-macker/NAAb","owner":"b-macker","description":"The first programming language with built-in AI governance — 50+ checks catch hallucinated APIs, stubs, and security issues across 12 languages in one file","archived":false,"fork":false,"pushed_at":"2026-04-02T23:45:51.000Z","size":729986,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2026-04-02T23:50:58.247Z","etag":null,"topics":["ai-code-review","ai-governance","ai-safety","code-governance","code-quality","cpp17","cross-language","developer-tools","govern-json","governance","interpreter","language-design","llm-governance","multi-language","polyglot","polyglot-programming","programming-language","python","rust","static-analysis"],"latest_commit_sha":null,"homepage":"https://b-macker.github.io/NAAb/","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/b-macker.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":"docs/GOVERNANCE-LIMITS.md","roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"b-macker"}},"created_at":"2026-02-03T19:31:55.000Z","updated_at":"2026-04-02T23:45:57.000Z","dependencies_parsed_at":"2026-04-02T11:05:08.643Z","dependency_job_id":null,"html_url":"https://github.com/b-macker/NAAb","commit_stats":null,"previous_names":["b-macker/naab"],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/b-macker/NAAb","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-macker%2FNAAb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-macker%2FNAAb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-macker%2FNAAb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-macker%2FNAAb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/b-macker","download_url":"https://codeload.github.com/b-macker/NAAb/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/b-macker%2FNAAb/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31409471,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T10:20:44.708Z","status":"ssl_error","status_checked_at":"2026-04-04T10:20:06.846Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-code-review","ai-governance","ai-safety","code-governance","code-quality","cpp17","cross-language","developer-tools","govern-json","governance","interpreter","language-design","llm-governance","multi-language","polyglot","polyglot-programming","programming-language","python","rust","static-analysis"],"created_at":"2026-03-21T14:00:46.949Z","updated_at":"2026-04-04T19:00:50.606Z","avatar_url":"https://github.com/b-macker.png","language":"C++","readme":"# NAAb — The Programming Language with Built-in AI Governance\n\n[![CI](https://github.com/b-macker/NAAb/actions/workflows/ci.yml/badge.svg)](https://github.com/b-macker/NAAb/actions/workflows/ci.yml)\n[![Sanitizers](https://github.com/b-macker/NAAb/actions/workflows/sanitizers.yml/badge.svg)](https://github.com/b-macker/NAAb/actions/workflows/sanitizers.yml)\n[![CodeQL](https://github.com/b-macker/NAAb/actions/workflows/codeql.yml/badge.svg)](https://github.com/b-macker/NAAb/actions/workflows/codeql.yml)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](CONTRIBUTING.md)\n[![Discussions](https://img.shields.io/badge/Discussions-enabled-blue.svg)](https://github.com/b-macker/NAAb/discussions)\n\n**Govern AI-generated code at the language level.** NAAb is a polyglot programming language that applies code quality, security, and correctness policies at runtime — catching mistakes before they execute. A single `govern.json` controls what executes across 12 languages in one file.\n\n```json\n// govern.json — catches AI hallucinations before they execute\n{\n  \"version\": \"3.0\",\n  \"mode\": \"enforce\",\n  \"code_quality\": {\n    \"no_hallucinated_apis\": { \"level\": \"hard\" },\n    \"no_oversimplification\": { \"level\": \"hard\" },\n    \"no_incomplete_logic\": { \"level\": \"soft\" }\n  }\n}\n```\n\n```\n$ naab-lang app.naab\n\nError: Hallucinated API in python block:\n  \".push()\" is not valid Python                        [HARD]\n\n  Rule: code_quality.no_hallucinated_apis\n\n  Help:\n  .push() is JavaScript — in Python, use .append()\n\n  ✗ Wrong: my_list.push(item)\n  ✓ Right: my_list.append(item)\n```\n\n---\n\n## See It In Action\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"demo/demo.svg\" alt=\"NAAb Governance Demo — 7 scenes catching AI mistakes\" width=\"800\"\u003e\n\u003c/p\u003e\n\n| Scene | AI Mistake | Governance Response |\n|-------|-----------|-------------------|\n| 1 | `.push()` in Python | Blocked — use `.append()` |\n| 2 | `import fake_ai_toolkit` | Blocked — unknown module |\n| 3 | `fn validate() { return true }` | Blocked — stub function |\n| 4 | Hardcoded `sk-proj-...` API key | Blocked — secret detected |\n| 5 | Empty `catch (e) { }` | Blocked — incomplete logic |\n| 6 | `env.get()` → shell unsanitized | Blocked — taint violation |\n| 7 | All issues fixed | Passes clean |\n\nRun it yourself: `bash demo/governance_demo.sh` | Record: `bash demo/governance_demo.sh --record`\n\n---\n\n## The Problem: AI Code Drift\n\nAI models generate code that looks right but isn't. Every session starts fresh — no memory of your security rules, naming conventions, or architecture decisions:\n\n- **Hallucinated APIs** — `.push()` in Python, `print()` in JavaScript, `json.stringify()` instead of `json.dumps()`\n- **Stubs shipped as \"complete\"** — `def validate(): return True`, functions with only `pass` or `NotImplementedError`\n- **Security patterns bypassed** — hardcoded secrets, SQL injection, `except: pass` swallowing errors\n- **Language misuse** — Python for heavy computation, JavaScript for file operations, Shell for complex logic\n\nPrompts are suggestions. **`govern.json` is policy.** NAAb checks every polyglot block against your policies before execution — where it can't be bypassed.\n\n---\n\n## At a Glance\n\n| Capability | Details |\n|---|---|\n| **Governance Engine** | 50+ checks, 3-tier policy engine (hard / soft / advisory), `govern.json` config |\n| **Polyglot Execution** | 12 languages in one file — Python, JavaScript, Rust, C++, Go, C#, Ruby, PHP, Shell, Nim, Zig, Julia |\n| **Smart Error Messages** | \"Did you mean?\" suggestions via Levenshtein distance, detailed fixes with examples |\n| **Standard Library** | 14 modules — array, string, math, json, http, file, path, time, debug, env, csv, regex, crypto, bolo |\n| **Language Features** | Generators/yield, interfaces, pattern matching with guards, f-strings, async/await, lambdas, closures, pipeline, destructuring |\n| **CI/CD Integration** | SARIF (GitHub Code Scanning), JUnit XML (Jenkins/GitLab), JSON reports |\n| **Project Context** | Auto-reads CLAUDE.md, .editorconfig, .eslintrc, package.json to supplement governance |\n| **Developer Tools** | Interactive REPL, URL imports, LLM-friendly syntax (keyword aliases, optional semicolons), 204 error messages |\n| **Bytecode VM** | Stack-based compiler + VM (default engine, ~8x faster than tree-walking), computed goto dispatch, NaN-boxing fast paths, constant folding |\n| **Agent Governance** | Multi-agent role enforcement via `--agent-id`, per-agent path/language restrictions, telemetry JSONL, `--governance-dashboard` |\n\n---\n\n## Quick Start\n\n```bash\n# Clone and build\ngit clone --recursive https://github.com/b-macker/NAAb.git\ncd NAAb\nmkdir build \u0026\u0026 cd build\ncmake .. -G Ninja\nninja naab-lang -j$(nproc)\n\n# Run a file\n./naab-lang hello.naab\n\n# Start interactive REPL\n./naab-lang\n```\n\n### Hello World\n\n```naab\nmain {\n    let name = \"World\"\n    print(\"Hello, \" + name + \"!\")\n}\n```\n\n---\n\n## Governance Engine\n\nNAAb's governance engine is what sets it apart. Drop a `govern.json` in your project root and every polyglot block is checked before execution.\n\n### What It Catches\n\n| Category | Examples | Patterns |\n|---|---|---|\n| **Hallucinated APIs** | `.push()` in Python, `print()` in JS, `len()` in JS | 86+ cross-language patterns |\n| **Oversimplification** | `def validate(): return True`, `pass`-only bodies, identity functions | 35+ stub patterns |\n| **Incomplete Logic** | `except: pass`, bare raises, `\"something went wrong\"` messages | 40+ patterns |\n| **Security** | SQL injection, path traversal, shell injection, hardcoded secrets | Entropy-based detection |\n| **Code Quality** | TODO/FIXME, debug artifacts, mock data, hardcoded URLs/IPs | Dead code detection |\n| **Taint Tracking** | Untrusted data (`env.get`, polyglot output) reaching sinks (shell, env) | Source/sink/sanitizer with prefix matching |\n| **PII Exposure** | SSN patterns, credit card numbers, API keys in strings | Regex + entropy |\n\n### Three Policy Levels\n\n- **HARD** — Block execution. Code does not run. No override.\n- **SOFT** — Block execution. Code does not run unless `--governance-override` is passed.\n- **ADVISORY** — Warn and continue. Logged in audit trail.\n\n### govern.json Example\n\n```json\n{\n  \"version\": \"3.0\",\n  \"mode\": \"enforce\",\n\n  \"languages\": {\n    \"allowed\": [\"python\", \"javascript\", \"go\"],\n    \"blocked\": [\"php\"]\n  },\n\n  \"code_quality\": {\n    \"no_secrets\": { \"level\": \"hard\" },\n    \"no_sql_injection\": { \"level\": \"hard\" },\n    \"no_oversimplification\": { \"level\": \"hard\" },\n    \"no_incomplete_logic\": { \"level\": \"soft\" },\n    \"no_hallucinated_apis\": { \"level\": \"soft\" }\n  },\n\n  \"restrictions\": {\n    \"no_eval\": { \"level\": \"hard\" },\n    \"no_shell_injection\": { \"level\": \"hard\" }\n  },\n\n  \"limits\": {\n    \"max_lines_per_block\": 200,\n    \"timeout_seconds\": 30\n  }\n}\n```\n\n### Project Context Awareness\n\nNAAb can read your existing project configuration files and supplement governance rules — without overriding `govern.json`:\n\n- **Layer 1:** LLM instruction files — `CLAUDE.md`, `.cursorrules`, `AGENTS.md`\n- **Layer 2:** Linter configs — `.eslintrc`, `.flake8`, `pyproject.toml`\n- **Layer 3:** Project manifests — `package.json`, `Cargo.toml`, `go.mod`\n\nEach layer is opt-in and toggleable.\n\n### Custom Rules\n\nDefine your own regex-based governance rules:\n\n```json\n{\n  \"custom_rules\": [\n    {\n      \"name\": \"no_print_debugging\",\n      \"pattern\": \"console\\\\.log|print\\\\(.*debug\",\n      \"message\": \"Remove debug print statements before committing\",\n      \"level\": \"soft\"\n    }\n  ]\n}\n```\n\n### CI/CD Integration\n\n```bash\n# GitHub Code Scanning (SARIF)\nnaab-lang app.naab --governance-report sarif \u003e results.sarif\n\n# Jenkins / GitLab CI (JUnit XML)\nnaab-lang app.naab --governance-report junit \u003e results.xml\n\n# Custom tooling (JSON)\nnaab-lang app.naab --governance-report json \u003e results.json\n```\n\n\u003e **[Build your govern.json interactively](https://b-macker.github.io/NAAb/governance.html)** | [Full governance reference (Chapter 21)](docs/book/chapter21.md)\n\u003e\n\u003e **[Security model \u0026 threat assumptions](docs/SECURITY.md)**\n\n### Agent Governance\n\nNAAb supports multi-agent environments where different AI agents have different permissions. Define per-agent roles in `govern.json`:\n\n```json\n{\n  \"agent_roles\": {\n    \"code-bot\": {\n      \"allowed_languages\": [\"python\", \"javascript\"],\n      \"allowed_paths\": [\"./src\", \"./tests\"],\n      \"blocked_paths\": [\"./secrets\", \"./.env\"]\n    }\n  }\n}\n```\n\n```bash\n# Run with agent identity\nnaab-lang --agent-id code-bot app.naab\n\n# View governance dashboard\nnaab-lang --agent-id code-bot --governance-dashboard app.naab\n```\n\n---\n\n## Polyglot Execution\n\nUse each language where it shines — Python for data science, Rust for performance, JavaScript for web, Go for concurrency, Shell for file ops. Variables flow between languages automatically. No FFI, no serialization, no microservices.\n\n**Supported languages:** Python · JavaScript · Rust · C++ · Go · C# · Ruby · PHP · Shell · Nim · Zig · Julia\n\n```naab\nmain {\n    let numbers = [10, 20, 30, 40, 50]\n\n    // Python: statistical analysis\n    let stats = \u003c\u003cpython[numbers]\nimport statistics\nresult = {\n    \"mean\": statistics.mean(numbers),\n    \"stdev\": statistics.stdev(numbers)\n}\nstr(result)\n\u003e\u003e\n\n    // JavaScript: format as HTML\n    let html = \u003c\u003cjavascript\nconst data = \"Stats: mean=30, stdev=15.81\";\n`\u003cdiv class=\"result\"\u003e${data}\u003c/div\u003e`;\n\u003e\u003e\n\n    print(stats)\n    print(html)\n}\n```\n\n### Key Polyglot Features\n\n- **Variable binding** — Pass NAAb variables into polyglot blocks with `\u003c\u003cpython[x, y]`\n- **Parallel execution** — Independent blocks run concurrently with automatic dependency analysis\n- **Persistent runtimes** — Keep interpreter state across multiple calls with the `runtime` keyword\n- **JSON sovereign pipe** — Return structured data from any language with `naab_return()` or `-\u003e JSON` header\n- **Error mapping** — Polyglot errors map back to NAAb source locations and flow into try/catch\n- **Block-header awareness** — Go gets `package main`, PHP gets `\u003c?php` automatically\n\n---\n\n## Language Features\n\n### Pattern Matching\n\n```naab\nmain {\n    let status = 404\n\n    let message = match status {\n        200 =\u003e \"OK\"\n        404 =\u003e \"Not Found\"\n        n if n \u003e= 500 =\u003e f\"Server Error ({n})\"  // guard clause\n        _ =\u003e \"Unknown\"\n    }\n\n    print(message)  // \"Not Found\"\n\n    // Array destructuring in match\n    let point = [3, 4]\n    let label = match point {\n        [0, 0] =\u003e \"origin\"\n        [x, 0] =\u003e f\"on x-axis at {x}\"\n        [0, y] =\u003e f\"on y-axis at {y}\"\n        [x, y] =\u003e f\"point ({x}, {y})\"\n    }\n    print(label)  // \"point (3, 4)\"\n}\n```\n\n### Async/Await\n\n```naab\nmain {\n    async fn fetch_data() {\n        return \"data loaded\"\n    }\n\n    async fn process() {\n        return \"processed\"\n    }\n\n    let data = await fetch_data()\n    let result = await process()\n    print(data + \" -\u003e \" + result)\n}\n```\n\n### Lambdas \u0026 Closures\n\n```naab\nmain {\n    let multiplier = 3\n    let scale = fn(x) { return x * multiplier }\n\n    print(scale(10))  // 30\n\n    // Closures capture their environment\n    function make_counter() {\n        let count = 0\n        return fn() {\n            count = count + 1\n            return count\n        }\n    }\n\n    let counter = make_counter()\n    print(counter())  // 1\n    print(counter())  // 2\n}\n```\n\n### Pipeline Operator\n\n```naab\nmain {\n    let result = \"hello world\"\n        |\u003e string.upper()\n        |\u003e string.split(\" \")\n\n    print(result)  // [\"HELLO\", \"WORLD\"]\n}\n```\n\n### If Expressions\n\n```naab\nmain {\n    let score = 85\n    let grade = if score \u003e= 90 { \"A\" } else if score \u003e= 80 { \"B\" } else { \"C\" }\n    print(grade)  // \"B\"\n}\n```\n\n### Error Handling\n\n```naab\nmain {\n    try {\n        let result = \u003c\u003cpython\nraise ValueError(\"something broke\")\n\u003e\u003e\n    } catch (e) {\n        print(\"Caught from Python: \" + e)\n    }\n}\n```\n\n### Generators\n\n```naab\nfn fibonacci(limit) {\n    let a = 0\n    let b = 1\n    while a \u003c limit {\n        yield a\n        let temp = a + b\n        a = b\n        b = temp\n    }\n}\n\nmain {\n    for n in fibonacci(100) {\n        print(n)  // 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89\n    }\n}\n```\n\n### Interfaces\n\n```naab\ninterface Printable {\n    fn to_string() -\u003e string\n}\n\nstruct Point implements Printable {\n    x: int\n    y: int\n}\n\nfn Point.to_string(p) -\u003e string {\n    return f\"({p.x}, {p.y})\"\n}\n\nmain {\n    let p = new Point { x: 3, y: 4 }\n    print(Point.to_string(p))  // \"(3, 4)\"\n}\n```\n\n### F-Strings\n\n```naab\nmain {\n    let name = \"World\"\n    let count = 42\n    print(f\"Hello {name}, you have {count} items\")\n    print(f\"Total: {count * 2}\")  // expressions work too\n}\n```\n\n### More Language Features\n\n- Optional chaining (`user?.name`), null coalescing (`x ?? \"default\"`, `x ??= fallback`)\n- Destructuring (`let [a, b] = arr`, `let {x, y} = dict`)\n- Spread/rest (`[...arr1, ...arr2]`, `fn(...args)`)\n- `in` / `not in` operators, array slicing (`arr[1:3]`)\n- Structs, enums, module system with imports/exports/URL imports\n- For loops with destructuring, while loops, break/continue\n- Dictionaries and arrays with dot-notation methods\n\n---\n\n## Standard Library\n\n14 modules with 204 error messages, \"Did you mean?\" suggestions, and detailed documentation.\n\n```naab\nmain {\n    // JSON\n    let data = json.parse('{\"name\": \"NAAb\", \"version\": \"0.2.0\"}')\n    print(data[\"name\"])\n\n    // HTTP\n    let response = http.get(\"https://api.github.com/repos/b-macker/NAAb\")\n    print(json.parse(response)[\"stargazers_count\"])\n\n    // File I/O\n    file.write(\"output.txt\", \"Hello from NAAb!\")\n\n    // Math\n    print(math.sqrt(144))  // 12\n\n    // String operations\n    let words = string.split(\"hello world\", \" \")\n    print(string.upper(words[0]))  // \"HELLO\"\n}\n```\n\n| Module | Functions |\n|---|---|\n| `array` | push, pop, shift, unshift, map_fn, filter_fn, reduce_fn, sort, slice_arr, find, reverse, length, contains, first, last, join |\n| `string` | split, join, upper, lower, trim, replace, reverse, contains, starts_with, ends_with, length, char_at, index_of, substring, repeat, pad_left, pad_right |\n| `math` | sqrt, pow, abs, floor, ceil, round, min, max, sin, cos, random, PI, E |\n| `json` | parse, stringify |\n| `http` | get, post, put, delete, head, patch (with headers, body, timeout) |\n| `file` | read, write, append, exists, delete, list_dir, create_dir, is_file, is_dir, read_lines, write_lines, copy, move, size, basename, dirname, extension |\n| `path` | join, dirname, basename, extension, resolve, is_absolute, normalize, exists |\n| `time` | now, now_millis, sleep, format_timestamp, parse_datetime, year, month, day, hour, minute, second, weekday |\n| `debug` | inspect, type, trace, watch, snapshot, diff, keys, values, log, timer, compare, stack, env |\n| `env` | get, set_var, list |\n| `csv` | parse, stringify |\n| `regex` | search, matches, find, find_all, replace, replace_first, split, groups, find_groups, escape, is_valid |\n| `crypto` | hash, sha256, sha512, md5, sha1, random_bytes, random_string, random_int, base64_encode, base64_decode, hex_encode, hex_decode, compare_digest, generate_token, hash_password |\n| `bolo` | scan, report (governance integration) |\n\n---\n\n## Developer Experience\n\n### Smart Error Messages\n\nNAAb doesn't just tell you what's wrong — it tells you how to fix it:\n\n```\nError: Unknown function \"array.pussh\"\n\n  Did you mean: array.push ?\n\n  Help:\n  - array.push(arr, value) adds an element to the end of an array\n\n  Example:\n    ✗ Wrong: array.pussh(my_list, 42)\n    ✓ Right: array.push(my_list, 42)\n```\n\n### Common Mistake Detection\n\nNAAb detects ~35 patterns where developers (and AI) use the wrong language's idioms:\n\n- `array.append()` → \"That's Python. In NAAb, use `array.push()`\"\n- `console.log()` → \"That's JavaScript. In NAAb, use `print()`\"\n- `str.upper()` → \"Use `string.upper(str)` or `str.upper()` (dot-notation)\"\n\n### LLM-Friendly Syntax\n\nNAAb accepts multiple keyword styles so AI-generated code works without manual edits:\n\n- `function` / `func` / `fn` / `def` — all valid\n- `let` / `const` — mutable and immutable bindings\n- Semicolons — optional (accepted but not required)\n- `return` — optional in single-expression functions\n\n---\n\n## NAAb Ecosystem\n\nThree tools built with NAAb — code governance, performance optimization, and data security:\n\n| Project | Purpose | Key Features |\n|---------|---------|--------------|\n| **[NAAb BOLO](https://github.com/b-macker/naab-bolo)** | Code governance \u0026 validation | 50+ checks, SARIF reports, AI drift detection |\n| **[NAAb Pivot](https://github.com/b-macker/naab-pivot)** | Code evolution \u0026 optimization | 3-60x speedups, proven correctness, 8 languages |\n| **[NAAb Passage](https://github.com/b-macker/naab-passage)** | Data gateway \u0026 PII protection | Zero leakage, sovereign architecture, HIPAA/GDPR |\n\n### NAAb BOLO — Code Governance \u0026 Validation\n\n**[NAAb BOLO](https://github.com/b-macker/naab-bolo)** (\"Be On the Lookout\") catches oversimplified stubs, hallucinated APIs, and incomplete logic in AI-generated code.\n\n```bash\n# Scan for governance violations\nnaab-lang bolo.naab scan ./src --profile enterprise\n\n# Generate SARIF report for CI\nnaab-lang bolo.naab report ./src --format sarif --output results.sarif\n\n# AI governance validation\nnaab-lang bolo.naab ai-check ./ml-models\n```\n\n**50+ checks · 4 languages · 339 regression tests** → [Get started](https://github.com/b-macker/naab-bolo)\n\n### NAAb Pivot — Code Evolution \u0026 Optimization\n\n**[NAAb Pivot](https://github.com/b-macker/naab-pivot)** rewrites slow code in faster languages with mathematical proof of correctness.\n\n```bash\n# Analyze hotspots (Python → Rust candidates)\nnaab-lang pivot.naab analyze app.py\n\n# Rewrite with proof\nnaab-lang pivot.naab rewrite app.py:expensive_loop --target rust --prove\n\n# Result: 45x faster, semantically identical\n```\n\n**3-60x speedups · 8 source languages · Proven correct** → [Get started](https://github.com/b-macker/naab-pivot)\n\n### NAAb Passage — Data Gateway \u0026 PII Protection\n\n**[NAAb Passage](https://github.com/b-macker/naab-passage)** ensures zero PII leakage to LLMs, APIs, or untrusted systems with sovereign architecture.\n\n```bash\n# Start secure gateway\nnaab-lang main.naab\n\n# All requests validated, PII blocked\ncurl -X POST http://localhost:8091/ -d '{\"prompt\": \"SSN: 123-45-6789\"}'\n# → {\"error\": \"POLICY_VIOLATION\"}\n```\n\n**Zero leakage · Self-synthesizing · HIPAA/GDPR compliant** → [Get started](https://github.com/b-macker/naab-passage)\n\n---\n\n## Architecture\n\n```\nSource Code (.naab)\n    |\n  Lexer ──\u003e Tokens\n    |\n  Parser ──\u003e AST (recursive descent)\n    |\n  Governance Engine ──\u003e Policy checks (govern.json)\n    |\n  ┌─────────────────────────────────────────────┐\n  │  Compiler ──\u003e Bytecode ──\u003e VM (default)     │\n  │       — OR —                                │\n  │  Interpreter (visitor pattern, --tree-walk)  │\n  └─────────────────────────────────────────────┘\n    |\n  ├── Native execution (NAAb code)\n  ├── Python executor (C API)\n  ├── JavaScript executor (QuickJS)\n  ├── Go/Rust/C++/C#/Nim/Zig/Julia executors (compile \u0026 run)\n  ├── Ruby/PHP executors (interpreted)\n  └── Shell executor (subprocess)\n```\n\n- **95,000+** lines of C++17\n- **398** regression tests, **331** mono test assertions\n- **14** standard library modules with **204** error messages\n- Bytecode VM default (~8x faster), tree-walker via `--tree-walk`\n- Built with Abseil, fmt, spdlog, nlohmann/json, QuickJS\n\n---\n\n## Contributing\n\nContributions are welcome! See [CONTRIBUTING.md](CONTRIBUTING.md) for build instructions and guidelines.\n\n### Areas for Contribution\n- VM optimization (`src/vm/`)\n- Agent governance extensions (`src/runtime/governance.cpp`)\n- New standard library modules\n- Documentation and tutorials\n- IDE integrations (Vim, Emacs, IntelliJ, VS Code)\n- Package registry (centralized module hosting)\n\n---\n\n## License\n\nMIT License - see [LICENSE](LICENSE) for details.\n\n**Brandon Mackert** - [@b-macker](https://github.com/b-macker)\n\n---\n\n_NAAb — Polyglot without the trip._\n","funding_links":["https://github.com/sponsors/b-macker"],"categories":["Uncategorized"],"sub_categories":["Uncategorized"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb-macker%2FNAAb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fb-macker%2FNAAb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fb-macker%2FNAAb/lists"}