codeql/javascript/ql/test/query-tests/Security/CWE-693/InsecureHelmetGood.js

const express = require("express");
const helmet = require("helmet");

const app = express();

app.use(helmet());  // OK - use the defaults

app.get("/", (req, res) => {
  res.send("Hello, world!");
});

app.listen(3000, () => {
  console.log("App is listening on port 3000");
});