Koa Security Headers (Helmet Wrapper)

koa-helmet is a middleware collection for the Koa.js framework, providing essential HTTP security headers by wrapping the popular `helmet` library. It helps protect Koa applications from common web vulnerabilities by setting various headers like Content Security Policy (CSP), HSTS, X-Frame-Options, and more. The current stable version is 9.0.0, which notably introduces native ESM and CJS publishing without API changes. The package maintains an active release cadence, aligning with updates to both Koa (supporting v2 and v3) and Helmet (supporting versions 6, 7, and 8) via peer dependencies. A key differentiator is its minimal direct dependency footprint, relying solely on peer dependencies for `koa` and `helmet`, ensuring flexibility and control over core library versions in the consuming application. It ships with TypeScript typings, making it suitable for modern TypeScript-based Koa projects.