AdoptDontShop
1 Jul 2026
API reliability; session tokens hardened; cold-start fix.
A full review of the API gateway contract closed edge cases where some list endpoints mis-serialised array data, some DELETE and POST routes rejected valid requests, and the top picks endpoint returned malformed responses — all 939 gateway tests now pass and the interactive API docs at /docs accurately reflect every endpoint. Refresh tokens are now stored as one-way hashes; a database exposure can no longer replay an active session. The adopter portal, rescue dashboard and admin panel no longer return errors for around 40 seconds after a cold boot — all three now wait for the gateway to be healthy before serving.
AdoptDontShop
30 Jun 2026
Rescue events; live analytics data; profile update fix.
Rescues can now create, publish and manage their own events — adoption days, fundraisers, volunteer sessions and community meetups — with attendee registration, check-in and capacity tracking built in. The rescue dashboard analytics page now shows real-time figures for adoption trends, application status, pet performance and top breeds; the previous placeholder data has been removed. A bug that silently dropped profile updates has been fixed — account changes now save correctly.
AdoptDontShop
30 Jun 2026
Security: password-reset and verification links hardened.
The one-time tokens inside password-reset and email-verification emails are now stored as SHA-256 hashes on the server. A database read alone can no longer produce a valid link to take over an account.
AdoptDontShop
29 Jun 2026
Analytics reports: save, schedule and share. Policy and application security fixes.
Rescue analytics reports can now be saved with a name, re-run to pull live figures, scheduled for recurring delivery and shared with team members. A bug preventing changes to a rescue’s adoption policy from saving has been fixed. Adoption applications now derive the applicant’s identity strictly from their authenticated session — a crafted request can no longer submit an application as a different user.
AdoptDontShop
22–23 Jun 2026
Admin panel: triage inbox, bulk pet management, privacy tools and staff visibility.
A wave of admin improvements: moderation reports and support tickets now land in a single filterable, sortable triage inbox, making platform health easier to manage in one view. Admins can bulk-update pet listings and manage pets across every rescue from one place. A new privacy tools panel lets administrators export a user’s personal data and schedule account deletion. The Rescue detail Staff tab surfaces current staff and pending invitations at a glance. Several previously broken actions — rescue dashboard analytics, rescue detail controls, support ticket assignment and staff management — have been restored.
Pairflix
Jun 2026
Watch on Netflix, Prime or Disney+ — one tap away. Picks now tracked.
The TonightPicker recommendation card now shows deep-link buttons for every streaming platform a title is available on — tap to open it directly in the app, no searching required. Every recommendation now records whether the household accepted it, swapped it out, or dismissed it. Per-household 30-day stats surface your first-pick acceptance rate and a breakdown by platform.
AdoptDontShop
23 Jun 2026
Account sanction notices; application drafts now autosave.
Adopters and rescue users with an active account sanction now see a clear banner explaining it, which they can acknowledge. In-progress adoption applications save automatically as you fill them in and can be resumed later — this also fixes a bug that had silently broken pre-filling new applications from your saved details.
AdoptDontShop
22 Jun 2026
Rescue dashboard: bulk application actions restored.
Approving, rejecting, withdrawing or advancing the stage of one or more applications at once had stopped working for rescue staff. Both bulk and single-application actions are now working correctly again.
AdoptDontShop
20 Jun 2026
Personalised pet recommendations; faster applications.
A new Top Picks page — and a refreshed home page — surfaces personalised pet recommendations ranked by your match preferences, each with a plain-language reason for the suggestion. New adoption applications now pre-populate from your saved details, and those defaults update automatically as you apply. Separately, a bug preventing rescues from saving changes on their dashboard Settings page has been fixed.
AdoptDontShop
19 Jun 2026
Security: inline styles removed from CSP. Full API documentation published.
The frontend’s Content-Security-Policy no longer permits unsafe-inline for stylesheets, closing a CSS-injection vector; a CI guard now blocks any regression. Every route across the application and document lifecycle now declares its contract in the interactive API docs at /docs, for integration partners and SDK generators.
AdoptDontShop
18 Jun 2026
Staff invitations, 2FA, pet favourites and custom application questions.
Rescue staff can now accept email invitations to join their organisation — the invite link creates or connects an account and grants team access automatically. Accounts can enrol in two-factor authentication (TOTP); once enabled, a one-time code is required at every sign-in. Adopters can save favourite pets and return to them at any time. Rescues can add their own screening questions to the adoption application form, with answers captured on submission.
AdoptDontShop
18 Jun 2026
Security: high-severity vulnerabilities patched; production images pinned.
Two CVE-grade advisories — an arbitrary file read risk in the email delivery library and a TLS certificate validation bypass in HTTP transport — have been resolved. All production container images are now pinned to immutable content digests; a CI gate blocks any unverified image from deploying. Automated audit reports zero high-severity findings.
AdoptDontShop
17 Jun 2026
Login restored after gateway migration.
Following the switch from the legacy monolith to the new Fastify API gateway, the adopter portal had an auth contract mismatch that prevented users from signing in. The contract is now aligned — login works correctly end-to-end across the adopter portal, rescue dashboard and admin panel.
AdoptDontShop
17 Jun 2026
Adopters can now update their own notification preferences.
A permissions gap meant adopters could not save changes to their notification settings without triggering an authorisation error. Each account can now update its own channel preferences — in-app vs. email, per notification type — without requiring a staff intervention.
AdoptDontShop
16 Jun 2026
Auth security hardening.
Registration no longer reveals whether an email address is already in use — your privacy is protected regardless of account state. New accounts now require email verification before becoming active. Signing out a device or resetting your password immediately invalidates all related access tokens; previously issued tokens can no longer be replayed.
AdoptDontShop
16 Jun 2026
Data isolation, notification opt-outs and infrastructure reliability.
Applications are now strictly scoped to the adopter who submitted them; pet listings are correctly isolated to the managing rescue — no cross-organisation data access is possible. Email notification opt-outs are enforced per notification type, so opting out of one category doesn’t affect others. A dead-letter queue now captures any background event that fails processing, eliminating silent data loss.
AdoptDontShop
15 Jun 2026
Email notifications live.
Adopters and rescue staff now receive application updates, new messages and rescue decisions by email as well as in-app. Each account’s saved channel preferences are enforced at send time — if you’ve opted out of email for a notification type, it stays in-app only. A deduplication guard ensures each alert arrives exactly once.
AdoptDontShop
15 Jun 2026
Microservices migration complete. Security hardening pass done.
All ten domain services now run as independent containers — the legacy monolith is deleted. Separately: all high-severity findings from an automated static-analysis security audit have been resolved, and the API documentation page is now gated behind admin credentials. The platform is closer to closed beta readiness.
AdoptDontShop
25 May 2026
Roadmap re-baselined to closed beta Aug–Sep 2026.
Original §15 beta target (Q4 2025) was missed. The May 2026 re-baseline replaces it with seven sequenced milestones: legal foundation, data protection package, platform hardening, closed beta, trust & safety, payments & commercial, and public launch in November. Demand signal preserved — 5 lister LOIs and a 1,000+ adopter waitlist carried in.
AdoptDontShop
25 May 2026
Sprint focus published.
Rescue profile builder (drag-and-drop, three columns) live in staging. Geographic search by postcode in review. 6-step application workflow in design. Welfare-incident reporting from the adopter side next.
AdoptDontShop
25 May 2026
Scope cuts logged.
Three features dropped on purpose: a rescue ratings system (against principle), an adopter “wishlist” (animal-as-listing — no thanks), and premium rescue placements (the £40k cheque we turned down).
AdoptDontShop
26 Apr 2026
Proposal moved to In Build.
The ADS proposal cleared the gate and is now an active venture on the studio platform. Stack locked: React + Vite + TypeScript, Node + Express + Sequelize, PostgreSQL 16 + PostGIS, Redis 7, Socket.io, Turborepo. Lead: Alex Jenkinson.
AdoptDontShop
26 Apr 2026
Alpha feature-complete.
Six engineering milestones standing: monorepo + Docker dev stack, JWT auth + rescue registration, pet listings with staff permissions + photo upload, adopter browse/filter/like flow, real-time messaging on Socket.io, and Docker dev + prod environments. Closing 18 open issues + QA pass before handing off to compliance.
Pairflix
Apr 2026
Early alpha state captured.
Platform stack standing — three apps (client, admin, backend), JWT auth, watchlist + partner matching, TMDB integration, TypeScript strict mode, full test suite passing, multi-stage Docker builds behind Nginx. No public users yet; matcher and partner-pairing UX in flight before opening a closed alpha.