Skip to content

fix(site): remove phishing-like mail redirects#60

Merged
ilyar merged 1 commit into
mainfrom
fix/virustotal-findings
Jun 1, 2026
Merged

fix(site): remove phishing-like mail redirects#60
ilyar merged 1 commit into
mainfrom
fix/virustotal-findings

Conversation

@ilyar

@ilyar ilyar commented Jun 1, 2026

Copy link
Copy Markdown
Contributor

Summary

  • replace direct Gmail compose links with internal contact anchors and a standard mailto link
  • remove the external mail.google.com redirect from the production JS bundle
  • make the deploy VirusTotal job fail when malicious or suspicious detections are present

VirusTotal context

Latest deploy re-analysis for https://ever-guild.net/ reported malicious=4, suspicious=0. Flagged engines: ADMINUSLabs, Chong Lua Dao, CRDF, CyRadar. CyRadar labeled the URL as phishing. Direct Gmail compose links are the most phishing-like element in the rendered app, so this removes them and keeps contact on-domain/standard.

Validation

  • npm run lint
  • npm run acceptance:test
  • npm run lighthouse
  • verified production build no longer contains mail.google.com

@ilyar ilyar merged commit 022da4a into main Jun 1, 2026
4 checks passed
@ilyar ilyar deleted the fix/virustotal-findings branch June 1, 2026 06:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant