We’re excited to announce that TuxCare has joined the OpenJS Foundation as a Gold member and a strategic partner in our Ecosystem Sustainability Program (ESP). This partnership is a significant step forward in our mission to ensure the long-term health, security, and reliability of the JavaScript ecosystem.

Through the ESP, TuxCare will provide enterprise-grade security support for organizations running older, unsupported versions of critical OpenJS projects. This collaboration gives development teams the "breathing room" they need to plan migrations to newer releases while maintaining a robust security posture today.

Strengthening Open Source Security

TuxCare is a leader in long-term security and reliability for open-source software. For more than a decade, it has kept end-of-life open-source software secure in enterprise production after upstream maintenance ends. By joining the ESP, TuxCare brings a distinctive capability to the OpenJS community: security patching that, by default, covers the full transitive dependency tree of end-of-life projects, the surface where most EOL risk actually lives. This lets organizations maintain security and compliance on end-of-life versions for as long as they need.

"Joining the OpenJS Foundation reflects how central JavaScript has become to enterprise infrastructure, and it puts our work alongside others focused on keeping that infrastructure secure. We're applying our expertise in long-term security support to JavaScript projects and their full transitive dependency trees, so organizations running end-of-life versions can stay protected and audit-ready while they plan their upgrade paths."

— Igor Seletskiy, CEO at TuxCare

Supporting the Ecosystem Sustainability Program (ESP)

The Ecosystem Sustainability Program (ESP) was designed to support companies that contribute to the ecosystem in meaningful ways. ESP partners like TuxCare help underwrite the myriad of activities required to sustain OpenJS projects by providing commercial services for security fixes to archived or end-of-life versions.

“We’re thrilled to welcome TuxCare to the program,” said Robin Bender Ginn, Executive Director of the OpenJS Foundation. “Their focus on long-term security support for end-of-life open source software addresses a massive real-world challenge for enterprise organizations. TuxCare’s involvement demonstrates how corporate participation can directly fuel the sustainability of open source projects.”

What This Means for the Community

• Enhanced Security: Organizations using older versions of OpenJS projects now have a path to enterprise-grade security support.
• Sustainability: A portion of the revenue generated through this partnership directly supports the maintainers and the Foundation’s work.
• Flexibility: Teams can manage their upgrade cycles on their own timelines without sacrificing security in the interim.

“The OpenJS Foundation is committed to providing our projects with the resources they need to thrive at every stage of their lifecycle. TuxCare’s focus on long-term security support for end-of-life open source software and their support for the Ecosystem Sustainability Program (ESP) is a perfect example of how industry collaboration can solve complex technical challenges for maintainers and users alike,” said Joe Sepi, OpenJS Foundation Board Member and Cross Project Council Chair. “Their expertise will be invaluable as we continue to fortify the JavaScript ecosystem against modern security threats.”

Learn More

The OpenJS Foundation’s ESP is open to organizations that want to support the long-term health and growth of the JavaScript ecosystem.

• Visit the OpenJS Foundation ESP page to learn more about membership.
• Explore TuxCare's Endless Lifecycle Support (ELS) program to see how it extends security coverage for end-of-life open-source software.