Fix broken SMTP: conditional secure flag + revoke exposed credentials

[Copilot]

The contact form SMTP was broken due to a publicly committed Gmail App Password (already revoked by Google) and a hardcoded secure: true that fails on port 587.

Changes

• Redact exposed credential — DEPLOYMENT.md contained a plaintext Gmail App Password committed to the public repo; replaced with a link to generate a new one. A fresh App Password must be set in the Netlify environment variables.
• Fix secure flag — Both netlify/functions/contact.js and server/index.js hardcoded secure: true, which only works with port 465 (SSL) and breaks with port 587 (STARTTLS).

// Before — always SSL, breaks on port 587
const transporter = nodemailer.createTransport({
  port: +process.env.SMTP_PORT,
  secure: true,
  ...
});

// After — correct for both 465 (SSL) and 587 (STARTTLS)
const smtpPort = +process.env.SMTP_PORT || 465;
const transporter = nodemailer.createTransport({
  port: smtpPort,
  secure: smtpPort === 465,
  ...
});

• Improve error logging — Netlify function now logs error.message instead of the raw error object for more readable function logs.

---

💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
harshit-kulkarni-portfolio	Ready	Preview, Comment	Mar 23, 2026 0:13am

[netlify]

✅ Deploy Preview for harshitkulkarnisportfolio ready!

Name	Link
🔨 Latest commit	433a3f9
🔍 Latest deploy log	https://app.netlify.com/projects/harshitkulkarnisportfolio/deploys/69c12e546e183300088f1e69
😎 Deploy Preview	https://deploy-preview-3--harshitkulkarnisportfolio.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.