Skip to content

fix: use Chromium network stack for API requests and explain fetch failures#11

Merged
davidnuescheler merged 1 commit into
mainfrom
fix/proxy-aware-fetch
Jul 7, 2026
Merged

fix: use Chromium network stack for API requests and explain fetch failures#11
davidnuescheler merged 1 commit into
mainfrom
fix/proxy-aware-fetch

Conversation

@davidnuescheler

Copy link
Copy Markdown
Contributor

Problem

On 1.6.2 (with #10 merged), users on corporate networks now hit Error invoking remote method 'da:list': TypeError: fetch failed — a transport-level failure, not an auth one.

Two issues:

  1. Main-process requests bypass the OS network configuration. ContentApiClient and the preview proxy use Node's fetch (undici), which ignores the macOS system proxy/PAC settings and the OS certificate store. On managed machines (mandatory proxy or TLS-intercepting appliances like Zscaler), every da.live / api.aem.live request fails while browsers on the same machine work fine.
  2. The real reason is hidden. undici reports these failures as a bare TypeError: fetch failed, with the actual cause (ENOTFOUND, ETIMEDOUT, cert validation, proxy refusal) buried in err.cause, which was never surfaced.

Changes

  • Route ContentApiClient requests and the preview proxy's upstream fetches through Electron's net.fetch — Chromium's network stack, which honors the system proxy/PAC configuration and the OS trust store. Wired via withContentClient and the preview-server registry's new fetchFn pass-through; tests keep injecting fake fetches as before.
  • Wrap transport failures in ContentApiClient so the error names the request and flattens the cause chain, e.g.
    Network request failed: GET https://admin.da.live/list/org/repo/ — fetch failed ← getaddrinfo ENOTFOUND admin.da.live (ENOTFOUND). Check your network, VPN, or proxy connection.

Testing

  • New tests: cause-chain flattening (describeErrorChain), network-failure wrapping in the client, and fetchFn pass-through in the preview-server registry
  • npm run lint and npm test green (203 tests); dev app boots clean
  • Caveat: the proxy/TLS behavior itself needs validation on an actual corporate network — worth having the affected Waters user try the next build

🤖 Generated with Claude Code

…ilures

Main-process requests to da.live / api.aem.live went through Node's
fetch (undici), which ignores the OS proxy/PAC configuration and
certificate store. On corporate networks (proxy or TLS interception)
every request failed with a bare "TypeError: fetch failed" while
browsers on the same machine worked fine.

- Route ContentApiClient and the preview proxy upstream fetches through
  Electron's net.fetch (Chromium network stack: system proxy + OS trust
  store).
- Wrap transport failures so the error names the request and the
  underlying cause chain (DNS/TLS/proxy/timeout) instead of a bare
  "fetch failed", with a hint to check network/VPN/proxy.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@davidnuescheler davidnuescheler merged commit c204799 into main Jul 7, 2026
4 checks passed
@trieloff

trieloff commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

🎉 This PR is included in version 1.6.3 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants