Hey Pickful community,

Based on your reports, here’s a small batch of fixes — the headline one being: Following showed posts from people you don’t follow starting from page 2. That’s fixed now. We also cleaned up two CDN cache-poisoning variants that surfaced after the previous round (announcement #117).

🐛 Following page 2+ was leaking the Explore feed

A few of you flagged this: scroll past page 1 of Following, and posts from accounts you don’t follow start showing up. Page 1 was clean — only who you follow.

Turned out to be a pagination routing bug:

Page 1 is loaded directly by the controller using the “people you follow + yourself” filter. But the helper that builds the “next page” link had no Following branch — so the next-page request quietly redirected to /posts?page=2, which is the Explore feed’s page 2. Explore shows everyone, hence the strangers.

Fixed: Following now stays Following, no matter how far you scroll.

⚡ Flash notices no longer cross sessions

Several public pages (coin pages, topic lists, search results) sit behind a CDN for speed. The trap: when a signed-in user completes an action — likes a post, saves a bookmark — we render a “success” flash notice on the next page. That notice was getting cached alongside the page. The next anonymous visitor on the same URL saw the previous user’s flash — “Saved!”, “Please sign in” — popping up out of nowhere.

The fix: when a response carries a flash message, we now downgrade the cache policy to “don’t cache” automatically — that response belongs to one user only, and the CDN drops it. Responses without a flash still ride the CDN normally, so performance is unchanged.

While we were in there, every CDN-cached feed page now has a client-side hydration layer: your likes, bookmarks, blocked users, and manageable-topics state all refresh from the live session right after the cached HTML loads. The cached version no longer dictates what you see.

➕ The “+ New Topic” button on Topics

Same root cause as the previous “Content missing” fix: /topics is CDN-cached, but the page had two “New Topic” buttons that branched on sign-in state and client type. If an anonymous (or native-app) user warmed the cache first, neither button ended up in the cached HTML — and signed-in users couldn’t see it either, leaving them unable to start a new topic.

Fix mirrors the previous round: move the auth-gated bit into a non-cached personalize endpoint, keep the cached HTML identical for everyone, and render the button against the real session. We also shortened the EN title from “Topics Square” to “Topics” so it stops wrapping to two lines on narrow mobile-web screens.

🧹 Side note: Sentry removed

We used to use Sentry for error monitoring, but moved off it onto our own internal observability stack a while back — Sentry has been sitting dormant. We dropped the gem, the initializer, and the CSP allowance in one go. Two fewer dependencies. Invisible to you — pure internal hygiene.

💬 To the community

Most of these came from your reports or our own follow-ups — Following page 2 was a direct user catch, the Topics button was someone noticing it mid-use. Reports like that are how the small stuff gets found. Keep them coming.

These fixes are live across Web, iOS, and Android — no app update needed.

The Pickful team
April 28, 2026