Apr 26, 2024

Introducing jQuery NES at HeroDevs

Ensuring Continuity and Security for jQuery Applications
Introducing jQuery NES at HeroDevs

As the web evolves, widespread technologies like jQuery face significant end-of-life (EOL) challenges. At HeroDevs, we understand the critical need to maintain security in open-source software, which is why we're proud to offer Never-Ending Support (NES) for versions 1 and 2 of jQuery. Our Never-Ending Support products ensure that your jQuery-based applications remain secure, compliant, and compatible. 

Let’s dive into how HeroDevs makes this possible and what it means for your business.

Security Vulnerabilities in jQuery

jQuery was originally developed to simplify how developers write JavaScript, offering an easy-to-use API that works across many browsers. Its ability to handle events, perform animations, and manage HTML document traversal and manipulation contributed to its immense popularity.

jQuery's versions 1 and 2 no longer receive security support. For users still depending on deprecated versions of jQuery, extended security updates are crucial for continuity in application functionality and compatibility, especially when a full-scale migration or rewrite isn’t feasible or cost-effective at the moment.

Recent vulnerabilities have raised concerns:

CVE-2020-11022 and CVE-2020-11023: Both vulnerabilities involve improper sanitization in jQuery’s HTML sanitization process, leading to potential cross-site scripting (XSS). These vulnerabilities affect versions >=1.5.1 <3.5.0.

CVE-2019-11358: Known as "Prototype Pollution," this flaw allows attackers to inject properties into existing JavaScript language construct prototypes, affecting versions <3.4.0.

CVE-2015-9251: This XSS vulnerability affects versions <1.12.0 >=1.12.3 <3.0.0-beta1.

CVE-2020-7656: Another XSS vulnerability, prevalent in versions <1.9.1.

Handling these vulnerabilities is paramount for maintaining the security and integrity of applications that still rely on jQuery.

HeroDevs’ jQuery NES: What We Offer

jQuery NES from HeroDevs is a comprehensive solution designed around the needs of businesses operating with legacy systems. Here’s what you can expect:

Security Fixes: We release an updated version of jQuery NES each time we discover, validate, and fix a security issue.

Compatibility Fixes: Guaranteed compatibility with the latest versions of major browsers including Chrome, Safari, Edge, and Firefox.

SLA Compliance: Our SLA ensures compliance with major standards like FedRAMP, PCI, and HIPAA.

Team of Experts: Our product is built with the help of jQuery contributors, ensuring the same excellent quality of support you expect.

Continuous Support Without the Hassle

jQuery NES is a drop-in replacement for jQuery, which means you don’t have to rush migration or upgrades. It’s easy to install, and our expert engineers are ready to assist you to ensure a seamless integration with your existing tech stack.

Choosing HeroDevs for jQuery NES comes with several advantages:

Expertise in Legacy Technologies: Our team’s comprehensive expertise ensures that old and new technologies seamlessly work together.

Partnerships with Core Contributors: HeroDevs collaborates with jQuery’s core contributors through our Gold membership with the OpenJS Foundation. By pioneering their initiative to secure end-of-life open source software, we ensure that our solutions are up-to-date and built on the most stable and secure foundations.

Cost-Effectiveness: jQuery NES allows you to use your existing version at a fraction of the cost of a rewrite or replacement.

Reliability: Ensure your applications continue to function flawlessly and remain compliant with modern regulatory frameworks and standards.

Giving Back to the Open Source Community

At HeroDevs, we're committed to supporting the open source community by providing financial support and resources that foster growth and sustainability. We are leading partners and sponsors of some of the most foundational projects in the open web including Vue.js, Angular, The OpenJS Foundation, Drupal Association, and many more. 

Sponsorships: Through all of our business activities we fund essential open source projects, helping to guarantee their ongoing development, success, and security into the future.

Supporting Contributors: We back the crucial contributors of these projects financially and through career development opportunities, enabling them to dedicate themselves to their innovative work. This ensures end users of open source have dedicated contributors who can continue to support the technology sustainably.

Community Events: We organize, sponsor, and participate in events that promote collaboration and innovation within the open source community, from conferences to workshops.

Ready for jQuery NES?

If you're using jQuery v1 or v2, jQuery NES from HeroDevs is your ideal solution if a rewrite or replacement isn’t an option. Whether you need continuous vulnerability scanning, modern browser compatibility, or a dedicated technical expert to help with jQuery development, our plans are designed to meet your organizational needs. For pricing and more details, visit our jQuery product page.


Maintaining and optimizing jQuery-based applications is crucial for the continued security of your applications. With HeroDevs, you gain a partner who understands the intricacies of both old and new web technologies. jQuery Never-Ending Support from HeroDevs ensures your applications remain efficient, secure, and aligned with current standards.

Don’t let legacy systems slow you down. Contact us today to learn how our jQuery NES can breathe new life into your applications.

. . .
About HeroDevs

HeroDevs partners with open-source authors to offer comprehensive solutions for sunsetted open-source software. Our Never-Ending Support products ensure businesses remain secure and compliant, even as their depended-upon open-source packages reach end-of-life. Alongside this, our elite team of software engineers and architects provides expert consulting and engineering services, assisting clients in migrating from deprecated packages and modernizing their technology stacks.

Article Summary
HeroDevs offers Never-Ending Support for jQuery, ensuring legacy applications remain secure, compatible, and compliant with modern standards.
Thought Leadership
Related Articles
HeroDevs Champions Cybersecurity by Joining CISA’s Secure by Design Pledge
HeroDevs Signs CISA's Secure by Design Pledge to Join the Effort for a More Secure Web
HeroDevs Joins OpenJS Foundation’s Ecosystem Sustainability Program as First Partner
HeroDevs Partners with OpenJS Foundation to Ensure Open Source Sustainability and Security
Angular 15 End-of-Life: Navigate Migration, Tackle Breaking Changes, and Ensure Ongoing Support with HeroDevs
Ensuring Seamless Transition and Continuous Support Beyond Angular 15’s EOL