<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Dirk Mattig</title>
    <description>The latest articles on DEV Community by Dirk Mattig (@newadventuresinit).</description>
    <link>https://dev.to/newadventuresinit</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3937640%2F60dcd699-87e8-4614-957f-60a6ea2af6ac.png</url>
      <title>DEV Community: Dirk Mattig</title>
      <link>https://dev.to/newadventuresinit</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/newadventuresinit"/>
    <language>en</language>
    <item>
      <title>Neander and Grotto: Beyond Code Mode</title>
      <dc:creator>Dirk Mattig</dc:creator>
      <pubDate>Thu, 02 Jul 2026 14:42:42 +0000</pubDate>
      <link>https://dev.to/newadventuresinit/neander-and-grotto-beyond-code-mode-21im</link>
      <guid>https://dev.to/newadventuresinit/neander-and-grotto-beyond-code-mode-21im</guid>
      <description>&lt;p&gt;&lt;strong&gt;Field Notes from the Grotto&lt;/strong&gt; starts here — a feature-by-feature tour of the &lt;strong&gt;&lt;a href="https://dev.to/newadventuresinit/neander-an-agent-first-programming-language-3i3o"&gt;Neander&lt;/a&gt;&lt;/strong&gt; language and its runtime, &lt;strong&gt;&lt;a href="https://dev.to/newadventuresinit/grotto-where-neander-programs-live-17bp"&gt;Grotto&lt;/a&gt;&lt;/strong&gt;. And I am opening with the biggest feature of them all: Neander itself. Why create a &lt;em&gt;whole new language&lt;/em&gt; when we already have an abundance of well-established programming languages at our disposal?&lt;/p&gt;

&lt;p&gt;In a previous &lt;a href="https://dev.to/newadventuresinit/source-code-as-the-seam-between-systems-5b1p"&gt;post&lt;/a&gt; I have made the case that the seam between systems is turning into a language — that instead of calling your tools one at a time, an agent should send you a small program and let it orchestrate the work on your side. That idea has a name — &lt;em&gt;code mode&lt;/em&gt; — and it is not mine. By now it is not even contentious: others arrived at it from their own directions, there are real solutions already shipping it, and the underlying claim — that a model does better writing code than emitting tool calls — has been measured, not just asserted. So the &lt;em&gt;what&lt;/em&gt; is settled. This post is about a narrower quarrel with the &lt;em&gt;how&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;All existing solutions I came across share an answer that is, frankly, the obvious one. Take a well-known language the model already writes fluently, generate an API from your tools, and run the agent's code in a sandbox. Pragmatic. Available today. And there is serious effort behind making it safe — an entire industry of ways to run untrusted code: lightweight virtual machines, isolated containers, syscall firewalls, network proxies whose sole job is to say &lt;em&gt;no&lt;/em&gt;. Real engineering, and it delivers.&lt;/p&gt;

&lt;p&gt;So why did I not reach for any of that? Why start from an empty grammar instead?&lt;/p&gt;

&lt;p&gt;Because all of it shares one shape — safety by subtraction — and I wanted a different one.&lt;/p&gt;

&lt;h2&gt;
  
  
  Safe by construction
&lt;/h2&gt;

&lt;p&gt;Every one of those approaches begins with a language that can do anything, then spends its effort taking things away: walling off the filesystem, blocking the network, killing the process when the clock runs out. The language is a threat, and safety comes from a prison built around this culprit.&lt;/p&gt;

&lt;p&gt;Neander is no such threat. It cannot run forever — it is not Turing-complete, there is no recursion, every loop is statically bounded, and termination is decided &lt;em&gt;before&lt;/em&gt; the program runs. It cannot reach out — there is no file, no socket, no system call anywhere in the grammar. It cannot run up a bill — every program runs under hard ceilings on computation, memory, and time. Whole categories of exploit — sandbox escapes, privilege escalation, data exfiltration — simply do not apply, because the capability they would abuse was never there.&lt;/p&gt;

&lt;p&gt;There is no prison because there is no prisoner. The sandbox approach asks you to trust the cage. Neander's safety is the absence of anything that would need a cage. The less a language can do, the less can go wrong — and the less you have to take on faith. The entire sandbox industry exists to contain general-purpose code; Neander opts out of needing it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Uniform by construction
&lt;/h2&gt;

&lt;p&gt;No matter what program the agent submits, the answer comes back in the same form: a single response envelope, defined by the language itself. It carries either the value the program produced or a precise account of why it produced none. That uniformity holds because failure is never allowed to escape into the mess: errors raised mid-run and exhausted budgets are caught and classified rather than left to surface however they please, and even an invalid program that never executes still produces a response. An envelope also carries metadata — among it the resources used by the program or the usage limits the runtime enforces. The agent learns the very ceilings it operates under from the responses it receives.&lt;/p&gt;

&lt;p&gt;The uniform response envelope is not simply a convenience. The whole point of sending code instead of a stream of tool calls was to keep the agent's context clean — one compact result in, rather than every intermediate step piling up. A uniform envelope is what makes that payoff real: the agent gets back a single machine-readable verdict it always knows how to read, and &lt;em&gt;only&lt;/em&gt; that verdict costs it any context. It never has to parse prose, squint at a stack trace, or reconcile different failure formats. It reads the envelope, and it knows exactly where it stands.&lt;/p&gt;

&lt;h2&gt;
  
  
  Open by construction
&lt;/h2&gt;

&lt;p&gt;The existing solutions tend to arrive bolted to something — a cloud you deploy on, a framework you adopt, a tool protocol you have to speak. Neander is a specification, with a conformance suite growing up beside it. Anyone can implement a runtime; Grotto is simply the first. Nothing ties you to one vendor, and nothing ties you to one tool protocol — the host embeds a Neander runtime by wiring it into its own application. A standard you can build on, not a product you sign up for.&lt;/p&gt;

&lt;h2&gt;
  
  
  Next from the Grotto
&lt;/h2&gt;

&lt;p&gt;That is the case in outline. The rest of the series is the case in detail — one feature per entry, each of them a piece of the argument above made concrete. First up, the one that makes the whole inversion possible: how an agent finds out what your APIs even are, at runtime, without ever carrying a catalog of them around.&lt;/p&gt;

&lt;p&gt;In the meantime, read the &lt;a href="https://newadventuresinit.github.io/neander/" rel="noopener noreferrer"&gt;Neander&lt;/a&gt; spec, embed &lt;a href="https://github.com/newadventuresinit/grotto" rel="noopener noreferrer"&gt;Grotto&lt;/a&gt; in your own app, and tell me where it falls short.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>programming</category>
      <category>neander</category>
    </item>
    <item>
      <title>Grotto: Where Neander Programs Live</title>
      <dc:creator>Dirk Mattig</dc:creator>
      <pubDate>Mon, 29 Jun 2026 08:04:38 +0000</pubDate>
      <link>https://dev.to/newadventuresinit/grotto-where-neander-programs-live-17bp</link>
      <guid>https://dev.to/newadventuresinit/grotto-where-neander-programs-live-17bp</guid>
      <description>&lt;p&gt;Last time, in &lt;a href="https://dev.to/newadventuresinit/neander-an-agent-first-programming-language-3i3o"&gt;Neander: An Agent-First Programming Language&lt;/a&gt;, I published the language but not the one thing a host actually needs in order to put it to work: a runtime reference implementation. I promised it already existed, and that I would show it next time.&lt;/p&gt;

&lt;p&gt;Here it is.&lt;/p&gt;

&lt;p&gt;It's called &lt;strong&gt;Grotto&lt;/strong&gt;. The naming keeps the theme going: the first Neanderthal fossil was pulled from a &lt;a href="https://en.wikipedia.org/wiki/Kleine_Feldhofer_Grotte" rel="noopener noreferrer"&gt;grotto&lt;/a&gt; — the place "where the Neanderthal lived." Grotto is where Neander programs live and run.&lt;/p&gt;

&lt;p&gt;A specification is a plan. A reference implementation is the proof that the plan can be put into action. Grotto is that proof: an embeddable TypeScript library, running on Node.js, that takes a Neander program as plain text and runs it — the whole language, end to end, every expression, every data type and every built-in function the spec defines.&lt;/p&gt;

&lt;h2&gt;
  
  
  The trusted component
&lt;/h2&gt;

&lt;p&gt;Recall the setup from the last two posts. The agent is on the outside, untrusted, writing small programs. The host is on the inside, with the APIs worth calling. Between them sits the runtime — and the runtime is the one component in the whole arrangement that everyone has to trust.&lt;/p&gt;

&lt;p&gt;That is a heavy crown to wear. Grotto's entire design is an argument that the trust is warranted.&lt;/p&gt;

&lt;p&gt;It starts with the design process itself: Grotto is architected, &lt;em&gt;not&lt;/em&gt; vibe coded. I am a certified software architect (&lt;a href="https://www.isaqb.org/" rel="noopener noreferrer"&gt;iSAQB®&lt;/a&gt; CPSA-Advanced Level), so on a good day I even know what I am doing. The Grotto implementation started with the creation of an architecture specification (&lt;a href="https://arc42.org/" rel="noopener noreferrer"&gt;arc42&lt;/a&gt;, &lt;a href="https://c4model.com/" rel="noopener noreferrer"&gt;C4&lt;/a&gt;) and a technical design document (co-authored by me and an agent). Only then did a coding agent create the codebase.&lt;/p&gt;

&lt;p&gt;It continues with the dependencies — or rather their absence. Grotto has &lt;em&gt;zero&lt;/em&gt; runtime dependencies and leans on nothing but the Node built-ins. That is not housekeeping; it is a security boundary. An npm package you never install is a package that can never turn on you: no CVE, no compromised maintainer, no supply-chain attack can reach Grotto through a dependency, because there is not one to reach it through. Which leaves only Grotto's own code, and its design does the rest of the arguing.&lt;/p&gt;

&lt;p&gt;The host-facing library is a small dispatcher of under two hundred lines, and it holds no language code at all. Everything that actually touches a stranger's program — the lexer, the parser, the validator, the interpreter — runs somewhere else entirely: in a fresh worker thread, spawned for that one submission and thrown away the moment it's done. Isolation by construction, not by good manners. Add it all up, and the only Grotto code that ever executes on the embedding application's own thread is that small dispatcher — everything else is quarantined in an isolated worker you can kill.&lt;/p&gt;

&lt;p&gt;Every program runs under the hard ceilings of a budget system as mandated by the Neander spec — on computation, on memory, and on wall-clock time. Overrun the time limit and the worker is simply killed; the dispatcher keeps the clock, so even a wedged program can't outlast it. The language itself has no recursion and no unbounded loops, so termination was never in doubt to begin with — the budgets are there for everything else.&lt;/p&gt;

&lt;p&gt;The last line of defense is quality assurance. The Grotto specifications and codebase so far have been reviewed by several frontier coding models: Opus 4.6–4.8, GPT-5.5, and, by sheer luck, Fable 5.&lt;/p&gt;

&lt;p&gt;The codebase quality is verified by over 1,300 unit tests (coverage &amp;gt; 90% but let's not get overexcited about percentages alone) and more than 750 black-box end-to-end tests (program submissions) that are continuously grown toward a Neander conformance test suite.&lt;/p&gt;

&lt;p&gt;You can always do more, and I will. But the groundwork is laid — enough, I'd hope, that anyone weighing Grotto for a real host application can take it, and Neander with it, seriously.&lt;/p&gt;

&lt;p&gt;It's early days, to be clear. The spec is still a draft, the version number starts with a zero, and interfaces might move. But it's real, and it all runs today — a runtime, not a roadmap.&lt;/p&gt;

&lt;h2&gt;
  
  
  What you do with it
&lt;/h2&gt;

&lt;p&gt;If Neander reads strangely because only agents write it, Grotto reads normally, because only humans host it. You embed the library, hand it your own APIs as provider modules, and point agents at it:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight typescript"&gt;&lt;code&gt;&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;Runtime&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;grotto1&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

&lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;runtime&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nx"&gt;Runtime&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;start&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
  &lt;span class="na"&gt;config&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="na"&gt;neanderVersion&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;1&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;

    &lt;span class="c1"&gt;// The ceilings every program runs under.&lt;/span&gt;
    &lt;span class="na"&gt;thalerBudget&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;5000&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;          &lt;span class="c1"&gt;// computation&lt;/span&gt;
    &lt;span class="na"&gt;memoryBudgetKb&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;2048&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;        &lt;span class="c1"&gt;// memory&lt;/span&gt;
    &lt;span class="na"&gt;maxDurationMs&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;10&lt;/span&gt;&lt;span class="nx"&gt;_000&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;       &lt;span class="c1"&gt;// wall-clock time&lt;/span&gt;
    &lt;span class="na"&gt;perCallTimeoutMs&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;3000&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;      &lt;span class="c1"&gt;// per individual API call&lt;/span&gt;
    &lt;span class="na"&gt;maxProgramSizeBytes&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;65&lt;/span&gt;&lt;span class="nx"&gt;_536&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="c1"&gt;// static caps, checked before a program runs&lt;/span&gt;
    &lt;span class="na"&gt;maxNestingDepth&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;64&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
    &lt;span class="na"&gt;maxRepeatLimit&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;1000&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;

    &lt;span class="c1"&gt;// Your APIs — each a module the runtime hosts on your behalf.&lt;/span&gt;
    &lt;span class="na"&gt;apiProviderModules&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;/app/providers/bookings.mjs&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;],&lt;/span&gt;
  &lt;span class="p"&gt;},&lt;/span&gt;
&lt;span class="p"&gt;});&lt;/span&gt;

&lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;responseEnvelope&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nx"&gt;runtime&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;submitProgram&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;programFromAgent&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Every submission comes back as a single structured envelope — the value it returned, or the precise way it failed: a program that didn't type-check, a call that errored, a budget that ran out. One program in, one well-formed answer out, every time. Nothing leaks, nothing hangs.&lt;/p&gt;

&lt;h2&gt;
  
  
  Field Notes from the Grotto
&lt;/h2&gt;

&lt;p&gt;There is far more to cover. How an agent discovers your APIs at runtime. The budget system that keeps a program from ever running up a bill. The worker isolation that lets you run a stranger's code at all. Each is worth a post of its own — so I'm starting a new series on the Neander language and its runtime, feature by feature.&lt;/p&gt;

&lt;p&gt;In the meantime, Grotto is on &lt;a href="https://github.com/newadventuresinit/grotto" rel="noopener noreferrer"&gt;GitHub&lt;/a&gt;, the license is permissive, and the floor is open. Embed it into your app, and let me know what breaks.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>programming</category>
      <category>neander</category>
    </item>
    <item>
      <title>Neander: An Agent-First Programming Language</title>
      <dc:creator>Dirk Mattig</dc:creator>
      <pubDate>Tue, 23 Jun 2026 12:09:58 +0000</pubDate>
      <link>https://dev.to/newadventuresinit/neander-an-agent-first-programming-language-3i3o</link>
      <guid>https://dev.to/newadventuresinit/neander-an-agent-first-programming-language-3i3o</guid>
      <description>&lt;p&gt;Last time, in &lt;a href="https://dev.to/newadventuresinit/source-code-as-the-seam-between-systems-5b1p"&gt;Source Code as the Seam Between Systems&lt;/a&gt;, I closed by saying I had built a programming language for the seam between systems, and that I would come back to it.&lt;/p&gt;

&lt;p&gt;Here we are.&lt;/p&gt;

&lt;p&gt;The language is called &lt;strong&gt;Neander&lt;/strong&gt; (named after the &lt;a href="https://en.wikipedia.org/wiki/Neanderthal" rel="noopener noreferrer"&gt;Neanderthal&lt;/a&gt;), and its specification is available now.&lt;/p&gt;

&lt;p&gt;A quick recap of where the last post left us. When one system needs another to do something, the seam between them used to be a wire carrying structured data, with a human in the middle writing the integration code. Take the human out, let the calling system be an agent that decides at runtime what it needs, and the seam stops being a wire. It becomes a language. The called system exposes an execution environment, and the caller drives it by sending small programs.&lt;/p&gt;

&lt;p&gt;Neander is that language.&lt;/p&gt;

&lt;h2&gt;
  
  
  The inversion
&lt;/h2&gt;

&lt;p&gt;The model everyone started with is the tool catalog: load every function the host exposes into the agent's context, then let the agent pick. It does not scale. Hundreds of tool definitions clutter the context, every intermediate result piles up on top, and costs and latency climb with them.&lt;/p&gt;

&lt;p&gt;Neander turns that around. The agent's context holds one compact thing — the Neander Reference itself — rather than a catalog of everything the host can do. To get something done, the agent writes a short program. The program asks the runtime what APIs are available, calls what it needs, composes the results, and hands back a single answer. Discovery happens at runtime, inside the program, instead of up front in the context window.&lt;/p&gt;

&lt;p&gt;That gives the language two verbs that carry most of the weight. &lt;code&gt;discover&lt;/code&gt; asks the runtime what namespaces, functions, and documents exist; &lt;code&gt;call&lt;/code&gt; invokes one of those functions. Everything else — branching and bounded loops, the structural type system, explicit error handling — exists to glue those two together.&lt;/p&gt;

&lt;p&gt;First the agent looks around:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;neander 1 {
  types {}
  main -&amp;gt; [Function] {
    let ns: Namespace =? discover namespace "bookings"
    return discover functions ns []
  }
}
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;It reads the returned descriptions, then writes a second program that calls what it found:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;neander 1 {
  types {}
  main -&amp;gt; decimal(2, half_away) {
    let booking: bookings.Booking =? call bookings.get(id: 8821)
    return booking.fare
  }
}
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That is essentially the whole shape of it. One call, maybe a loop over the result, some conditional logic, another call. The agent writes it for a single task, sends it to the runtime, and throws it away.&lt;/p&gt;

&lt;p&gt;The interesting bit is where the code runs. The Neander runtime lives &lt;em&gt;inside&lt;/em&gt; the host: the embedding application registers its own APIs with it, so execution happens server-side, right next to these APIs. As described above, the agent stays on the outside, untrusted, and uses the language to talk to the embedding application.&lt;/p&gt;

&lt;p&gt;This setup, obviously, raises a few eyebrows.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Neander deliberately cannot do
&lt;/h2&gt;

&lt;p&gt;The reassurance is structural, not a promise to behave. The things that make running a stranger's code dangerous don't exist in Neander — there's nothing to wall off because there's nothing there.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;It cannot run forever.&lt;/strong&gt; Deliberately not Turing-complete: no recursion, every loop statically bounded. Termination is proven before the program runs — no halting question to lose sleep over.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;It cannot reach out.&lt;/strong&gt; No file I/O, no sockets, no system access. The only thing a program can touch is an API the host chose to register. There's no sandbox because there's nothing to put in one — the language &lt;em&gt;is&lt;/em&gt; the sandbox.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;It cannot run up a bill.&lt;/strong&gt; Every execution runs under hard ceilings on computation, memory, and time (the budget system). Exceed one and &lt;em&gt;that program&lt;/em&gt; is stopped — not the host it runs in.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;It cannot misuse the host's APIs.&lt;/strong&gt; A program that fails validation never runs; one that passes calls only functions that exist, with correctly-typed arguments, and can never treat a value that might be missing as if it were there.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The name fits the philosophy. Like the spare, limited languages of computing's early days, it can do very little — and the less a language can do, the less can go wrong.&lt;/p&gt;

&lt;h2&gt;
  
  
  The audience
&lt;/h2&gt;

&lt;p&gt;Neander is written for an unusual audience. Only agents author it; humans host it. Hence no getting-started guide, no tutorials — nothing for a manual coder.&lt;/p&gt;

&lt;p&gt;Besides the normative &lt;a href="https://newadventuresinit.github.io/neander/specification.html" rel="noopener noreferrer"&gt;specification&lt;/a&gt;, the example-driven Neander Reference is aimed squarely at the agents that will write the programs — and the runtime hands it to them in-band.&lt;/p&gt;

&lt;p&gt;The website at &lt;a href="https://newadventuresinit.github.io/neander/" rel="noopener noreferrer"&gt;newadventuresinit.github.io/neander&lt;/a&gt; is for the humans evaluating Neander and deciding whether to embed it into their systems. But before they can put it to work, one thing has yet to be published: a runtime reference implementation.&lt;/p&gt;

&lt;p&gt;It already exists — more on that next time.&lt;/p&gt;

&lt;p&gt;In the meantime, the Neander specification is live, the license is permissive, and the floor is open. Have a look around, and let me know what you think.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>programming</category>
      <category>neander</category>
    </item>
    <item>
      <title>Source Code as the Seam Between Systems</title>
      <dc:creator>Dirk Mattig</dc:creator>
      <pubDate>Wed, 17 Jun 2026 13:51:37 +0000</pubDate>
      <link>https://dev.to/newadventuresinit/source-code-as-the-seam-between-systems-5b1p</link>
      <guid>https://dev.to/newadventuresinit/source-code-as-the-seam-between-systems-5b1p</guid>
      <description>&lt;p&gt;In my previous blog post &lt;a href="https://dev.to/newadventuresinit/speccing-is-the-new-coding-493g"&gt;Speccing Is the New Coding&lt;/a&gt;, I claimed that source code will not entirely vanish in an agentic world but will change jobs, from the substance of applications to the seam between them. The promise was to come back and dive deeper into the matter.&lt;/p&gt;

&lt;p&gt;Let's take a look.&lt;/p&gt;

&lt;h2&gt;
  
  
  The way it used to be
&lt;/h2&gt;

&lt;p&gt;In classical software development, when two systems need to talk to each other, a developer reads one system's API documentation, then writes integration code for the other system that calls those APIs in the right order with fittingly structured data. It works, and we have decades of practice at it. But the calling system never actually understands the API it is calling. Only the developer does. The system is just faithfully carrying out instructions written by a human during design time.&lt;/p&gt;

&lt;p&gt;That arrangement has already started to look somewhat quaint. When at least the calling system is agentic, deciding at runtime what it needs from the other system, the human in the middle must go.&lt;/p&gt;

&lt;h2&gt;
  
  
  The top-down approach: mathematical musings
&lt;/h2&gt;

&lt;p&gt;We humans have the built-in ability to "prompt" each other. We call it a conversation.&lt;/p&gt;

&lt;p&gt;This technique has proven so successful over the centuries that we even modeled our latest human-machine interface after it. So, why stop there? If it's this successful, it makes sense to apply the concept to machine-machine interfaces, right? Let one system tell the other, in plain English, what it wants, and together they can purposefully harness each other's capabilities to achieve a common goal.&lt;/p&gt;

&lt;p&gt;It would work. It would go down in IT history as the most generic, most flexible interface technology ever invented.&lt;br&gt;
And as the most memorable security vulnerability ever shipped.&lt;/p&gt;

&lt;p&gt;This naive approach is doomed. Plain natural language is unbounded by design. There are no limits to what can be said, and no formal guarantees about what the words mean. &lt;/p&gt;

&lt;p&gt;But there need to be boundaries. System boundaries.&lt;/p&gt;

&lt;p&gt;So if we want one system to tell another what to do, two things have to be true: &lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;there have to be &lt;strong&gt;limits on what can be said&lt;/strong&gt;, and &lt;/li&gt;
&lt;li&gt;what &lt;em&gt;is&lt;/em&gt; said has to have &lt;strong&gt;unambiguous meaning&lt;/strong&gt;.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;These requirements clearly point to formal languages in the mathematical sense. And programming languages are of course &lt;em&gt;exactly&lt;/em&gt; formal languages with finite syntax, precise semantics, and bounded expressiveness. We invented them to talk to machines, and they happen to be the right shape for machines talking to other machines, too.&lt;/p&gt;

&lt;h2&gt;
  
  
  The bottom-up approach: tool time
&lt;/h2&gt;

&lt;p&gt;Early in the development of agentic systems, it became clear that they needed a way to interact with the outside world. So a string of techniques was invented, which we now refer to as &lt;em&gt;tool calling&lt;/em&gt;. In essence, it is a way for an agent to first absorb an API spec and then execute API calls.&lt;/p&gt;

&lt;p&gt;Sounds straightforward. It wasn't.&lt;/p&gt;

&lt;p&gt;In November 2025, the creators of the &lt;a href="https://modelcontextprotocol.io" rel="noopener noreferrer"&gt;MCP standard&lt;/a&gt; published an &lt;a href="https://www.anthropic.com/engineering/code-execution-with-mcp" rel="noopener noreferrer"&gt;article&lt;/a&gt; highlighting two important lessons learned about tool calling. &lt;/p&gt;

&lt;p&gt;First, for an agent to call a tool, it needs to know it exists; hence, all tool definitions are loaded into the agent's context up-front. This did not pose a problem for a handful of tools, but, as it turned out, customers actually needed to expose an agent to hundreds, even thousands, of tools. This led to cluttered contexts, increased response times, and also increased costs.&lt;/p&gt;

&lt;p&gt;Second, since the agent acts as the orchestrator of tool calls, every intermediate tool call result is added to the context, leading to the same problems as above, plus reliability and even data protection issues.&lt;/p&gt;

&lt;p&gt;The proposed remedy, in a nutshell, is to make the agent write code against the API and add only the end result to its context.&lt;/p&gt;

&lt;p&gt;What is interesting is that we arrive at the very same conclusion as in our top-down approach, although we started from two very distinct places: &lt;/p&gt;

&lt;p&gt;The seam between two systems is no longer a wire that carries structured data. It is a language, an exposed execution environment that the calling system uses by sending programs to it.&lt;/p&gt;

&lt;p&gt;It is worth noting that the above-mentioned article served as my initial inspiration for what I am about to suggest, even though my take on this does not follow the original proposal.&lt;/p&gt;

&lt;h2&gt;
  
  
  An agent-first programming language
&lt;/h2&gt;

&lt;p&gt;Now that we have arrived at this conclusion, the next step seems obvious: select your favorite language, make an API of your choice available to it, and tell the agent to start sending programs.&lt;/p&gt;

&lt;p&gt;Entirely possible. Pragmatic. But is it such a good choice after all?&lt;/p&gt;

&lt;p&gt;Practically all of our existing mainstream programming languages are general-purpose languages. By design, you can do literally anything with them. Sure, they will meet our requirements, no matter what they are. And we can always use sophisticated technologies, such as sandboxing, to suppress any superfluous or dangerous features we do not need.&lt;/p&gt;

&lt;p&gt;But as the famous quote by Antoine de Saint-Exupéry goes: "Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away."&lt;/p&gt;

&lt;p&gt;So, let's do this the right way round and start from scratch. What do we actually need for this specific use case?&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Simplicity&lt;/strong&gt;: An agent-centric language design aimed at API-orchestration. One call, a loop over the result, some conditional logic, another call. That's it. Nothing fancy, and no syntactic sugar.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Predictability&lt;/strong&gt;: Every program is guaranteed to terminate by design. No file I/O, no sockets, no system access. The language &lt;em&gt;is&lt;/em&gt; the sandbox.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Discoverability&lt;/strong&gt;: A program can find out about the available APIs and even the language itself &lt;em&gt;at runtime&lt;/em&gt;. No upfront documentation, no out-of-band integration step.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;The human in the middle has vanished. The seam no longer sits between the two systems where the translator had to place it, but has moved into the called system. It exposes the language, sets the rules, and defines the vocabulary. The calling system arrives ready to speak whatever it finds. And the three design principles above aim to make this integration seamless: simple enough that the calling system doesn't struggle to use it. Predictable enough that the called system doesn't have to fear it. Discoverable enough that no human has to explain it in advance.&lt;/p&gt;

&lt;p&gt;With all this in mind, I have created, from the ground up, a new programming language and its runtime reference implementation for precisely this use case.&lt;/p&gt;

&lt;p&gt;More on that next time.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>programming</category>
    </item>
    <item>
      <title>TaskTrack — A Specify Spec for Agent Task Management</title>
      <dc:creator>Dirk Mattig</dc:creator>
      <pubDate>Fri, 05 Jun 2026 06:45:44 +0000</pubDate>
      <link>https://dev.to/newadventuresinit/tasktrack-a-specify-spec-for-agent-task-management-2bhh</link>
      <guid>https://dev.to/newadventuresinit/tasktrack-a-specify-spec-for-agent-task-management-2bhh</guid>
      <description>&lt;p&gt;It is time to put my proposition made in my &lt;a href="https://dev.to/newadventuresinit/speccing-is-the-new-coding-493g"&gt;previous blog post&lt;/a&gt; to the test. Is it possible to spec an application for execution by an agent without encoding it in source? Let's find out.&lt;/p&gt;

&lt;p&gt;One type of application every knowledge worker is familiar with is task management. Every task has a lifecycle status, dependencies on other tasks, and a history of progress.&lt;/p&gt;

&lt;p&gt;Let's give agents their own.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://github.com/newadventuresinit/tasktrack" rel="noopener noreferrer"&gt;&lt;strong&gt;TaskTrack&lt;/strong&gt;&lt;/a&gt; is a simple but non-trivial task management system variant implemented as a &lt;a href="https://newadventuresinit.github.io/specpack/specify/" rel="noopener noreferrer"&gt;Specify&lt;/a&gt; spec. It goes beyond checkbox-based to-do lists that agents sometimes use internally and mimics the key system features listed above.&lt;/p&gt;

&lt;p&gt;TaskTrack defines two procedures: a "Plan Authoring Run" to create an interconnected set of tasks from requirements and a "Plan Execution Run" to advance a previously authored plan toward completion. One execution run might not always be enough to achieve completion, because TaskTrack allows requesting human feedback and incorporating it during the next execution run. Furthermore, every execution run is divided into "Task Processing Run" sub-procedures to allow for advanced agent context management.&lt;/p&gt;

&lt;p&gt;TaskTrack implements all of this in less than 300 lines of text. If the implementation used source code, then, depending on the programming language, this would be enough space to implement only the required file I/O operations (TaskTrack uses files for simplicity, not a database). Natural language can easily become quite bloated, but a stringent, scientific writing style and extensive use of what the Specify standard offers can effectively counter that.&lt;/p&gt;

&lt;p&gt;The official test is, how could it be any other way, the implementation of yet another uninspired Breakout clone. The requirements, the completed TaskTrack plan, and the deliverable are contained in the repository.&lt;/p&gt;

&lt;p&gt;If you want to run the test yourself, the included README file contains the necessary information, including the launch prompts for both the authoring agent and the execution agent. Please note how both launch prompts are structured. They use TaskTrack terminology and point to the relevant files. They do not contain task-related behavioral instructions. The execution agent launch prompt contains agent-specific instructions for mapping agent features to the generic TaskTrack specification. The principles behind the good old manual coding design patterns remain valid even in the agentic era!&lt;/p&gt;

&lt;p&gt;And now, finally, for the test result. In a nutshell: It works!&lt;/p&gt;

&lt;p&gt;The authoring agent created all TaskTrack files as indicated, which is, maybe, less surprising or impressive. More importantly, the execution agent showed deterministic behavior over all 16 tasks and two execution runs. I often hear that deterministic behavior must remain encoded in source due to the inherently random, and hence non-deterministic, nature of LLMs. I cannot confirm this based on the test result. The execution agent followed the step-by-step procedure definition by the book each and every time. Even the defined textual output was created as reliably and repeatably as if it were produced by a &lt;code&gt;print&lt;/code&gt; statement.&lt;/p&gt;

&lt;p&gt;It goes without saying that this single test result does not deliver a general proof of the viability of speccing. It shows it can work; it is possible. Maybe non-deterministic agent behavior is more often than not the result of unspecific instructions rather than randomness in the underlying LLM.&lt;/p&gt;

&lt;p&gt;Having said all this, the test run was far from being perfect. It produced several so-called valuable learning experiences.&lt;/p&gt;

&lt;p&gt;The first and most obvious finding is that all but one of the timestamps are incorrect. The authoring agent wrote and executed a Python script to retrieve the current UTC time. All task processing subagents simply invented timestamps. When I later asked the system about this difference in behavior, it gave an interesting answer: Creating a new timestamp is a "single, salient, one-off step... worth a real python/date call." Updating timestamp fields is "a repeated, mechanical step... every task, every run, in fresh subagent contexts," and that "models systematically deprioritize repeated boilerplate."&lt;/p&gt;

&lt;p&gt;This is not a TaskTrack issue but rather the result of an ill-equipped agent. And it is at this point, where, no matter how hard I try, I cannot stop myself from making the tongue-in-cheek remark that the machines that are feared to first fire and then nuke us apparently have no built-in access to the current time... I will keep this in mind, just in case.&lt;/p&gt;

&lt;p&gt;The second finding is that, as the agent itself remarked when reviewing the test results, task resolutions are not necessarily as brief as mandated by the TaskTrack specification. But then, what is brief? Precisely. This is the kind of hastily written, hand-wavy instruction that is open to interpretation and leads to varying results. Just because we are using natural language now does not mean we are allowed to let our rigor slip.&lt;/p&gt;

&lt;p&gt;Luckily, it is not a major pain point, since it only affects the resolution, not the core processing logic. Still, it is worth fixing in a future publication.&lt;/p&gt;

&lt;p&gt;The third finding is that, strictly speaking, the test run was flawed because these wonderful machines now have memory. Both the authoring and execution agents revealed in their thinking output that they were aware that this was a test. I do not think this flaw invalidates the qualitative test result as such. Still, future test setups will require more care and consideration.&lt;/p&gt;

&lt;p&gt;In the meantime, the TaskTrack specification is live, the license is permissive, and the floor is open. Have a look around, and let me know what you think.&lt;/p&gt;

</description>
      <category>agents</category>
      <category>ai</category>
      <category>productivity</category>
      <category>showdev</category>
    </item>
    <item>
      <title>Speccing Is the New Coding</title>
      <dc:creator>Dirk Mattig</dc:creator>
      <pubDate>Mon, 25 May 2026 10:48:20 +0000</pubDate>
      <link>https://dev.to/newadventuresinit/speccing-is-the-new-coding-493g</link>
      <guid>https://dev.to/newadventuresinit/speccing-is-the-new-coding-493g</guid>
      <description>&lt;p&gt;What do we still need source code for?&lt;/p&gt;

&lt;p&gt;It is an odd question to ask after spending a lifetime writing it, but it is the one that keeps pulling at my sleeve. Let me work backwards to explain why.&lt;/p&gt;

&lt;p&gt;The first computers were one-trick ponies. Their behavior was baked into their wiring — change the task, change the machine. Useful, expensive, inflexible. Then the elegant idea emerged that part of the data a machine processed could also control how it processed the rest, and the stored-program computer was born. Hardware became a stage; software became the play.&lt;/p&gt;

&lt;p&gt;And with software came developers — a new profession whose first and hardest job was, and still is, to &lt;em&gt;understand&lt;/em&gt; a process well enough that they could, in principle, perform it themselves. The encoding into source code was always the second step. We did it because humans, however well they understand a process, cannot match a machine for speed or reliability — and have an inconvenient need for sleep.&lt;/p&gt;

&lt;p&gt;For decades that was the deal. A business owner understood a process; a developer understood the business owner; the source code was the byproduct of that understanding, painstakingly translated through several meetings, languages, frameworks, and rather more meetings on the way to silicon.&lt;/p&gt;

&lt;p&gt;That deal has changed. The entity we now describe processes to &lt;em&gt;is already the machine.&lt;/em&gt; The author and the audience have merged. So the question writes itself: if the agent already understands what we want, why do we still ask it to produce thousands of lines of source code that we, in turn, will mostly never read?&lt;/p&gt;

&lt;p&gt;The short-term answers are perfectly good. Executing compiled code is cheaper and faster than burning tokens. The entire existing body of software — every library, every API, every running system — is encoded in source. That body of work is not going anywhere quickly — not in a year, not in a decade, probably not in two.&lt;/p&gt;

&lt;p&gt;But mid-term, I think the answer changes. Our industry has a stubborn habit of making things cheaper and faster, fast. The obstacles ahead are real, but they are the kind of constraints we have spent decades learning to engineer around. Once the economics flip, the cleanest representation of an application is no longer a tree of source files written for one runtime — it is a single document, in prose, describing the logic and behavior the application is supposed to exhibit. Read directly. Understood directly. Acted on directly.&lt;/p&gt;

&lt;p&gt;That is what I mean by &lt;em&gt;speccing is the new coding.&lt;/em&gt; And it is the reason I have just published &lt;a href="https://newadventuresinit.github.io/specpack/" rel="noopener noreferrer"&gt;&lt;strong&gt;SpecPack&lt;/strong&gt;&lt;/a&gt; — three small reference standards meant as an experimental foundation for that future. None of them are rocket science. I think of them as a bit of housekeeping for a fresh start.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://newadventuresinit.github.io/specpack/minimark/" rel="noopener noreferrer"&gt;&lt;strong&gt;MiniMark&lt;/strong&gt;&lt;/a&gt; takes Markdown and removes its optionality. Humans thrive on optionality — it is how we express our individuality and our taste. Machines do not need it, and tend to find it actively confusing. MiniMark keeps the syntax humans already know and strips the redundant ways of saying the same thing.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://newadventuresinit.github.io/specpack/river/" rel="noopener noreferrer"&gt;&lt;strong&gt;riVer&lt;/strong&gt;&lt;/a&gt; is a versioning scheme for textual content. It assumes a world in which sophisticated version-control systems like git are no longer required, or simply not present in the agentic environment. Once an application is a single document, a long-standing anti-pattern turns out to make sense again: putting the version number &lt;em&gt;inside&lt;/em&gt; the document and hence into the agent's context. What that version should indicate, on the other hand, is a question we get to ask from scratch. Agents do not consult a semantic version to decide whether a change is breaking — they read the spec and find out. What they need is an integer to mark the iteration, a status to mark the lifecycle stage, and a timestamp to place the change in time. riVer gives them exactly that.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://newadventuresinit.github.io/specpack/specify/" rel="noopener noreferrer"&gt;&lt;strong&gt;Specify&lt;/strong&gt;&lt;/a&gt; is the most ambitious of the three: an attempt at &lt;em&gt;American English coding standards&lt;/em&gt; — conventions for expressing programmatic logic and behavior in plain English, precisely enough for an agent to act on.&lt;/p&gt;

&lt;p&gt;So — does this mean source code goes away?&lt;/p&gt;

&lt;p&gt;No. It changes jobs: from the substance of applications to the seam between them. More on that next time.&lt;/p&gt;

&lt;p&gt;In the meantime, the standards are live, the license is permissive, and the floor is open. Have a look around, and let me know what you think.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>softwaredevelopment</category>
    </item>
    <item>
      <title>My New Adventures in IT</title>
      <dc:creator>Dirk Mattig</dc:creator>
      <pubDate>Mon, 25 May 2026 10:20:19 +0000</pubDate>
      <link>https://dev.to/newadventuresinit/my-new-adventures-in-it-4lhb</link>
      <guid>https://dev.to/newadventuresinit/my-new-adventures-in-it-4lhb</guid>
      <description>&lt;p&gt;When a blinking cursor on a screen awaited my input for the very first time, I could not possibly have anticipated that this technology would soon open up a whole new dimension for the world to live in. Having been born about six months after the Beatles split up, I happened to be in the right place at the right time when a bunch of nerds succeeded in bringing computers to the home.&lt;/p&gt;

&lt;p&gt;Now, after more than 40 years of coding as a hobby and over 25 years of software engineering as a profession, once again a blinking cursor (caret, really) awaits my input. Only this time the machine answers in far more elaborate ways than simply stating "ERROR". The more I use AI, the more evident it becomes to me that this is not just another paradigm shift like web, mobile, or cloud were.&lt;/p&gt;

&lt;p&gt;This is a new beginning. A new dimension is opening up.&lt;br&gt;
The new rules are that there will be all new rules.&lt;br&gt;
And that we do not yet know any of these new rules.&lt;/p&gt;

&lt;p&gt;This is the starting point for my ventures into the future of software, work, and business.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>software</category>
    </item>
  </channel>
</rss>
