As long as it's in an external JS file, sure. CSP simply prevents you from calling script inline. `<script>#('something').hide();</script>` wouldn't work: you'd have to move your JavaScript code into an external file.

For example, you could load the library from Google's CDN by whitelisting the origin via `script-src http://ajax.googleapis.com/` and pulling the script via `<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min....