Skip to content
Atlas docs

RFC-009: Fetch boundary in Atlas UI

Problem

Section titled “Problem”

Ad-hoc fetch scattered across views makes auth scope, telemetry, and error handling inconsistent.

Policy

Section titled “Policy”
  1. Transport layersrc/api/http.ts owns requestJSON, requestZod, AtlasApiError, and the single raw fetch used for JSON Atlas routes.
  2. Domain modulessrc/lib/atlasApi.ts, src/lib/caseApi.ts, and src/lib/projectApi.ts call requestJSON from http.ts (they do not call fetch directly).
  3. React callers — use useScopedQuery, useScopedMutation, or scopedFetch from @alexbayerl/djed-query-client so tenant/workspace/context headers and auth gates stay consistent.
  4. Auth bootstrapsrc/components/AuthProvider.tsx may use fetch for /auth/config, BFF session, and logout before scope context exists.
  5. Telemetrysrc/lib/atlasTelemetry.ts may use fetch with keepalive for fire-and-forget POST /api/telemetry.

Enforcement

Section titled “Enforcement”

ESLint no-restricted-globals on fetch for all src/**/*.{ts,tsx} except the allowlisted files above.

Non-goals

Section titled “Non-goals”

Removing fetch from the transport layer — one central caller is the intended design, not zero fetch in the bundle.