checklist.day

koa-lusca

JSON →
library 2.2.0 ·javascript maintenance
verified May 27, 2026
auth-securityweb-framework

Web application security middleware for koa, forked from krakenjs/lusca. Version 2.2.0 provides CSRF protection, Content Security Policy (CSP), X-Frame-Options (clickjacking), P3P privacy headers, HSTS, and XSS protection. This package is actively maintained but does not support Koa v2 (async/await) or modern ESM. Release cadence is low; last update was 2019. Key differentiator: it brings lusca-style security to Koa v1, but developers should consider alternatives like 'koa-helmet' for Koa v2.

Traffic · last 30 days ↓45% vs prev 7d · indexed Sat Apr 25 · updated Tue Jun 09

total hits 23
actors 7 distinct systems
last hit 1d ago AhrefsBot
Amazonbot
4
MetaBot
4
GPTBot
2
Script
1
Search engines
1
Humans
6

top countries 🇺🇸 United States · VN · 🇨🇦 Canada · 🇸🇬 Singapore · 🇳🇴 Norway

Resources

githubgithub.com/koajs/koa-lusca ↗
packagewww.npmjs.com/package/koa-lusca ↗

API endpoints

full doc /v1/registry/koa-lusca
install /v1/registry/koa-lusca/install
compatibility /v1/registry/koa-lusca/compatibility