Skip to content

Commit

Permalink
feat(eol): Add End of Life documentation page
Browse files Browse the repository at this point in the history
  • Loading branch information
edezekiel committed Mar 6, 2024
1 parent 6bbc12b commit a8f4adc
Show file tree
Hide file tree
Showing 2 changed files with 67 additions and 0 deletions.
66 changes: 66 additions & 0 deletions site/content/docs/4.6/end-of-life.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
---
layout: docs
title: End of Life Status for Bootstrap 3 & 4
description: Bootstrap 3 was released over a decade ago in August 2013, and Bootstrap 4 over six years ago in January 2018. Since then, millions of people have learned Bootstrap, prototyped with it, and shipped some amazing sites and apps with it. While Bootstrap 5 is continuing that journey with developers all over the world, there are still tons of those teams living on an older version of Bootstrap with limited to no support. Until now.
group: end-of-life
aliases: "/end-of-life/"
toc: true
---

Bootstrap 3 reached end of life July 24, 2019, followed by Bootstrap 4 on January 1, 2023. As such, neither version receives new features, updates, or security fixes. However, both are still available on all existing distribution channels (CDNs, package managers, GitHub, etc).

We strongly recommend folks start out on or [upgrade](https://getbootstrap.com/docs/5.0/migration/) to the [latest version of Bootstrap (v5.x)](https://getbootstrap.com/), but for those who can’t upgrade just yet and have compliance or security requirements, we’re introducing [Never-Ending Support for Bootstrap 3 and 4 with HeroDevs](https://www.herodevs.com/support/nes-bootstrap?utm_source=Bootstrap_site&utm_medium=Banner&utm_campaign=v3and4_eol).

<a href="https://www.herodevs.com/support/nes-bootstrap?utm_source=Bootstrap_site&utm_medium=Banner&utm_campaign=v3and4_eol" class="btn btn-bd-primary">Purchase Bootstrap NES</a>

## What’s Next

Bootstrap 5 has been the default version of Bootstrap since May 5, 2021. Users who have migrated have enjoyed:

- **No Dependency on jQuery**<br>
Bootstrap 5 completely removes jQuery as a dependency, opting instead for vanilla JavaScript. This change was aimed at improving performance, reducing project file sizes, and catering to modern development environments where jQuery is less prevalent.

- **Enhanced Grid System**<br>
Bootstrap 5 further enhances the grid system with additional utility classes and improved customization options, making it even easier to create complex layouts. It also introduces the use of CSS custom properties (variables) for more dynamic styling.

- **Improved Customization**<br>
Bootstrap 5 focuses heavily on custom properties (CSS variables), which are easier to use and allow for real-time theme customization without the need to recompile Sass. This makes theme customization far more accessible and dynamic.

- **Updated Components and Utilities**<br>
Bootstrap 5 introduces new components (such as offcanvas menu for better mobile experiences) and updated existing components with new features and improved accessibility. It also expands Bootstraps utility API for spacing, typography, and color, providing more control over the design directly from the class attributes.

- **Improved Accessibility**<br>
Accessibility has been a focus of Bootstrap, with each version making strides in ensuring web content is accessible to all users. Bootstrap 5 emphasizes improvements in form controls, color contrast ratios, and keyboard navigation to meet WCAG (Web Content Accessibility Guidelines) standards more closely.

- **Enhanced Performance and Best Practices**<br>
By removing jQuery and making other optimizations, Bootstrap 5 aims to improve loading times and performance for websites and applications. Version 5 also embraces best practices for responsive design, encouraging a more mobile-first approach to layouts and interactions.

- **Native Dark Mode Support**<br>
While not initially released with Bootstrap 5, subsequent updates have focused on native dark mode and custom color mode support, reflecting a growing trend in user interface design preferences.

- **…and more!**<br>
When and if you can, consider migrating!

## Still on Bootstrap 3 or 4?

We know that some folks aren’t able to upgrade or fully migrate for one reason or another, so here are some other options to consider.

### Update to the Bootstrap 3 or 4 Final Release (v3.4.1 / v4.6.2)

The latest release of Bootstrap 3 (v3.4.1) and Bootstrap 4 (v4.6.2) were the final releases of these major versions and included security patches for XSS vulnerabilities (v3.x), bug fixes for enhanced stability, and updated documentation for better developer guidance.

These versions will be the starting point for extended support mentioned below.

### Purchase Extended Support for Bootstrap 3 and 4

If you have to stay on Bootstrap 3 and 4 post-EOL, we have partnered with HeroDevs to offer Never-Ending Support (NES). NES for Bootstrap 3 and 4 provides ongoing updates and security patches for both versions even after EOL so that applications with strict compliance requirements remain secure and compliant. It also guarantees that Bootstrap 3 and Bootstrap 4 applications will continue to operate effectively in modern browsers and maintain compatibility with essential libraries. Finally, Bootstrap NES has continuous security monitoring and a 14-day SLA for fixes.

Bootstrap NES is the continuation of the support you’ve enjoyed during the Bootstrap 3/4 LTS periods—but indefinitely. For more detailed information, visit the [HeroDevs Bootstrap NES page](https://www.herodevs.com/support/nes-bootstrap?utm_source=Bootstrap_site&utm_medium=Banner&utm_campaign=v3and4_eol).

### Notify Your Users of your Bootstrap 3/4 Post-EOL Plan

If you can’t migrate to Bootstrap 5 or use Bootstrap NES at the moment but still remain on Bootstrap 3 or 4, you may need to consider how you will communicate your security plans to your customers.

This does not apply to all Bootstrap users, but many teams are prohibited from shipping unsupported software by SLAs, contracts and agreements, or other obligations to downstream parties. These could be with customers, compliance agencies, or even internal company departments. For an increasing number of industries, governing regulatory bodies are also raising expectations on what software creators are accountable for.

If you work with such business requirements, You may need to let your customers, managers, CIO/CISO, or other relevant stakeholders know about your plan to manage, support and address any potential CVEs. While [Bootstrap 3 and 4 haven’t had any major vulnerabilities](https://security.snyk.io/package/npm/bootstrap) that have not received patches in later versions, CVEs do turn up for even the most mature EOL projects—whether directly or via compromised dependencies. Subscribing to CVE notifications through organizations like [OpenCVE](https://www.opencve.io/welcome) and [Snyk](https://snyk.io/) can be a good way to find out about vulnerabilities as soon as they’re discovered. Browsers may also ship changes that break legacy libraries—this is rare, but it does happen.
1 change: 1 addition & 0 deletions site/data/sidebar.yml
Original file line number Diff line number Diff line change
Expand Up @@ -90,3 +90,4 @@
- title: Brand
- title: License
- title: Translations
- title: End of Life

0 comments on commit a8f4adc

Please sign in to comment.