This is crazy. It's especially crazy how nonchalantly the employees are replying. The person suggesting that Railway should clearly show the effected logs is right.

This is exactly why I never trust 'accidental' feature rollouts in production environments. Any CDN or hosting provider that can accidentally expose private data has serious issues with their deployment process and access controls. Railway should have caught this in staging - the fact that it made it to production suggests they don't have proper testing for permissioning logic, which is absolutley terrifying for anyone hosting sensitive apps there.