mizan/ROADMAP.md

Mizan Roadmap

v1 — Django + React

Done

• @client decorator — context=, affects=, auth=, websocket=
• ReactContext class — type-safe context/affects references with linting
• Named contexts — functions sharing a context name are grouped into one provider and one fetch
• Context bundling endpoint — GET /api/mizan/ctx/<name>/ returns all functions in one response
• Server-driven invalidation — mutation responses carry invalidate from affects= metadata
• Scoped invalidation — runtime supports invalidate: [{context: "user", params: {user_id: 5}}]
• Param elevation — shared params become required provider props, non-shared become optional
• Schema export — x-mizan-functions + x-mizan-contexts for codegen
• Auth guards — auth=True, auth='staff', auth='superuser', auth=callable
• JWT + session auth — auto-detected, CSRF handled
• Shapes — Pydantic + django-readers for typed query projections
• WebSocket channels — real-time bidirectional communication
• Codegen — generates typed React providers, hooks, mutations from schema

Next: CDN-Ready Headers

Context GETs must be cacheable by a CDN sitting in front of Django.

• Cache-Control headers on GET /api/mizan/ctx/<name>/ responses
• Vary headers for auth-dependent responses
• Deterministic JSON output (sorted keys)
• Mutation POSTs must return Cache-Control: no-store
• Context error responses must not be cached

Next: Fold mizan-runtime into mizan-react

The runtime (~150 lines: context registry, invalidation batcher, fetch primitives) merges into mizan-react. Framework-agnostic split is deferred until a second frontend adapter exists.

Next: SSR Bridge

Django renders React components server-side via a persistent Bun subprocess.

• Bun worker: stdin/stdout JSON-RPC, renderToString, component registry
• Django bridge: subprocess management, IPC, request synthesis
• Template tag: {% mizan_render "ProfilePage" user_profile=profile %}
• Hydration: window.__MIZAN_SSR_DATA__ consumed by generated providers
• Generated contexts check SSR data before first fetch

Next: Codegen Rewrite

Generated code uses the runtime directly (mizanFetch, mizanCall, registerContext) instead of the legacy MizanProvider pattern. Mutations have zero invalidation knowledge — the runtime reads the server response.

---

Mizan Cloud (closed-source)

Mizan Edge

Cloudflare Workers for automatic edge caching.

• Reads the Mizan schema to configure cache rules
• Context GETs cached at the edge, keyed by context name + params
• Mutation POSTs trigger cache purges from the invalidate response key
• Zero configuration — the schema IS the cache policy

Mizan Render

SSR at the edge via Cloudflare Workers.

• The Bun SSR bridge, running on Cloudflare instead of colocated with Django
• Context data fetched from Django (or edge cache), rendered at the edge
• HTML response streamed to the user from the nearest PoP

Mizan Deploy

One-command deployment for Django + React apps.

• Container orchestration (AWS/Azure)
• Edge + Render auto-configured
• mizan deploy from the CLI
• The Vercel experience for Django

---

Protocol Spec

The protocol is the product. Every endpoint is designed for a CDN.

Context fetch

GET /api/mizan/ctx/<name>/?param=value

200 OK
Cache-Control: public, max-age=60, stale-while-revalidate=300
Vary: Authorization, Cookie

{
    "function_a": { ... },
    "function_b": [ ... ]
}

Mutation call

POST /api/mizan/call/
Cache-Control: no-store

{
    "result": { ... },
    "invalidate": ["context_name"]
}

Scoped invalidation

{
    "result": { ... },
    "invalidate": [
        "notifications",
        { "context": "user", "params": { "user_id": 5 } }
    ]
}