Get Commercial Support for Outdated Versions
The Ecosystem Sustainability Program (ESP) helps project maintainers continue providing public support for any software version, including those covered by an ESP partner, without restrictions.
The OpenJS Foundation supports its projects by improving their security through guidance, engineering support, and structured programs.
Take advantage of expert resources and hands-on support to improve your project’s security posture through insights and tools to make smart, efficient security improvements, tailored guidance through our Security Compliance Program and use our CVD resources to respond effectively to security issues.
Get Commercial Support for Outdated Versions
The Ecosystem Sustainability Program (ESP) helps project maintainers continue providing public support for any software version, including those covered by an ESP partner, without restrictions.
Join our weekly Security Collaboration Space, our working group to discuss ongoing initiatives and share updates on our work. We welcome external perspectives and invite all interested participants to contribute to the conversation.
Thank you to our supporters
A checklist of essential security practices for OpenJS projects.
A dashboard and automation tool for monitoring security compliance.
Evaluates tools and provides guidance on Software Bill of Materials and attestations.
A quick reference for safely publishing to npm and managing CVEs.
Resources for open source maintainers responding to vulnerability disclosures.
A guide for OpenJS project maintainers to understand and engage with the OpenJS CNA.
Ensure the security of your Node.js installation by checking for known vulnerabilities.
Check for the latest version of popular web technology jQuery.
“At the OpenJS Foundation, security is a shared responsibility and a top priority. Our maintainers work at the frontlines of the JavaScript ecosystem, and we want to help ensure they have the tools, guidance, and support they need to protect users at every level. Through collaboration with our partners, we're raising the bar for open source security.”
JavaScript is foundational to the web, and OpenJS Foundation project maintainers are committed to securing this critical infrastructure. By collaborating with the broader ecosystem, the Foundation aims to share best practices, set baseline security standards, and secure resources to advance ambitious, transparent security goals across all OpenJS projects.
Check out the below resources to see how you can improve your security best practices, and get involved with our community.