From 4ada1541900539ce585a26642eecc7e8e56d16f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc=20Cornell=C3=A0?= <marc@mcornella.com>
Date: Fri, 18 Oct 2024 14:27:54 +0200
Subject: [PATCH] chore(installer): only serve installer in / and /install.sh

This avoids false positive detections on other bruteforced paths,
such as .zsh_history or others, which eventually result in
automated false vulnerability submissions.
---
 .github/workflows/installer/vercel.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/installer/vercel.json b/.github/workflows/installer/vercel.json
index 524dc3c0f..88ec18725 100644
--- a/.github/workflows/installer/vercel.json
+++ b/.github/workflows/installer/vercel.json
@@ -1,7 +1,7 @@
 {
   "headers": [
     {
-      "source": "/((?!favicon.ico).*)",
+      "source": "/(|install.sh)",
       "headers": [
         {
           "key": "Content-Type",
@@ -16,7 +16,7 @@
   ],
   "rewrites": [
     {
-      "source": "/((?!favicon.ico|install.sh).*)",
+      "source": "/",
       "destination": "/install.sh"
     }
   ]