LumenJS - Lit Web Component Framework

Package	Purpose	Install
`helmet`	Security headers (XSS, HSTS, clickjacking, etc.)	`npm i helmet`
`cors`	Cross-origin resource sharing	`npm i cors`
`compression`	Gzip/Brotli response compression	`npm i compression`
`response-time`	X-Response-Time header	`npm i response-time`
`express-rate-limit`	Rate limiting	`npm i express-rate-limit`

Request to	Middleware chain
`/`	`pages/_middleware.ts`
`/admin/dashboard`	`pages/_middleware.ts` → `pages/admin/_middleware.ts`
`/api/users`	`pages/_middleware.ts` → `pages/api/_middleware.ts`

Header	Source
`Strict-Transport-Security`	`helmet`
`X-Content-Type-Options: nosniff`	`helmet`
`X-Frame-Options: SAMEORIGIN`	`helmet`
`Cross-Origin-Opener-Policy`	`helmet`
`Referrer-Policy: no-referrer`	`helmet`
`X-Response-Time: 12ms`	`response-time`

Middleware