fix: move vite plugins into the packages that use them #16134

Merged: FelixMalfait merged 3 commits into main from vite-plugin-relocation on Dec 1, 2025
@mabdullahabaid
Member

I was looking into Dependabot Alert 107 and figured that the alert is caused by vite-plugin-dts, which is a development dependency and does not make it into the production build for it to be dangerous.

However, while at it, I also saw that some packages used plugins from root package.json while others had them defined in their local package.json. Therefore, I refactored to move plugins where they're required and removed a redundant package.

Builds for the following succeed as intended:

  • twenty-ui
  • twenty-emails
  • twenty-website
  • twenty-front

@greptile-apps
Contributor

greptile-apps bot commented Nov 27, 2025

Greptile Overview

Greptile Summary

This PR improves dependency management by moving Vite plugins from the root package.json to the specific packages that actually use them. This addresses Dependabot Alert 107 by clarifying that vite-plugin-dts is a dev dependency.

Key changes:

  • Removed vite-plugin-checker, vite-plugin-cjs-interop, vite-plugin-dts, and vite-plugin-svgr from root devDependencies
  • Added plugins to package-specific devDependencies based on usage in vite.config.ts files:
    • twenty-emails: added vite-plugin-dts@3.8.1
    • twenty-front: added vite-plugin-checker@^0.10.2 and vite-plugin-svgr@^4.3.0
    • twenty-ui: added vite-plugin-checker@^0.10.2 and vite-plugin-dts@3.8.1
  • Removed unused vite-plugin-cjs-interop (not used by any package)
  • Cleaned up transitive dependencies in yarn.lock (oxc-parser and related bindings)

Note: The PR description mentions that twenty-website build succeeds, but this package uses Next.js (not Vite), so it's unaffected by these changes.

All affected packages already had these plugins available via root dependencies, so this refactor only reorganizes existing working code without functional changes.

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk - it's a dependency organization refactor with no functional changes
  • This PR is a straightforward dependency management improvement that moves Vite plugins closer to where they're used. The changes are low-risk because: (1) all plugins were already available via root package.json, so builds were working, (2) the refactor only relocates existing dependencies without version changes (except standardizing svgr to ^4.3.0), (3) unused vite-plugin-cjs-interop is safely removed, (4) the author verified builds succeed for all affected packages, and (5) yarn.lock changes are consistent with the package.json updates
  • No files require special attention

Important Files Changed

File Analysis

| Filename | Score | Overview |
|---|---|---|
| package.json | 5/5 | Removed vite plugins (vite-plugin-checker, vite-plugin-cjs-interop, vite-plugin-dts, vite-plugin-svgr) from root devDependencies, keeping only core vite |
| packages/twenty-emails/package.json | 5/5 | Added vite-plugin-dts@3.8.1 to devDependencies since this package uses it in vite.config.ts |
| packages/twenty-front/package.json | 5/5 | Added vite-plugin-checker@^0.10.2 and vite-plugin-svgr@^4.3.0 to devDependencies since this package uses them in vite.config.ts |
| packages/twenty-ui/package.json | 5/5 | Added vite-plugin-checker@^0.10.2 and vite-plugin-dts@3.8.1 to devDependencies since this package uses them in vite.config.ts |
| yarn.lock | 5/5 | Removed unused dependencies (vite-plugin-cjs-interop and its transitive deps like oxc-parser), updated package references to reflect new locations |

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant Root as Root package.json
    participant Emails as twenty-emails
    participant Front as twenty-front
    participant UI as twenty-ui
    participant Shared as twenty-shared
    participant SDK as twenty-sdk
    
    Note over Root,SDK: Before: Plugins in root package.json
    Root->>Emails: ❌ vite-plugin-dts (missing)
    Root->>Front: ❌ vite-plugin-checker, svgr (missing)
    Root->>UI: ❌ vite-plugin-checker, dts (missing)
    Root->>Shared: ✓ vite-plugin-dts (already had)
    Root->>SDK: ✓ vite-plugin-dts (already had)
    
    Note over Dev: Refactor: Move plugins to packages
    
    Dev->>Root: Remove unused vite-plugin-cjs-interop
    Dev->>Root: Remove vite-plugin-checker
    Dev->>Root: Remove vite-plugin-dts
    Dev->>Root: Remove vite-plugin-svgr
    
    Dev->>Emails: Add vite-plugin-dts@3.8.1
    Dev->>Front: Add vite-plugin-checker@^0.10.2
    Dev->>Front: Add vite-plugin-svgr@^4.3.0
    Dev->>UI: Add vite-plugin-checker@^0.10.2
    Dev->>UI: Add vite-plugin-dts@3.8.1
    
    Note over Root,SDK: After: Each package has its own plugins
    Emails->>Emails: ✓ Uses vite-plugin-dts locally
    Front->>Front: ✓ Uses checker & svgr locally
    UI->>UI: ✓ Uses checker, dts & svgr locally
    Shared->>Shared: ✓ Uses vite-plugin-dts locally
    SDK->>SDK: ✓ Uses vite-plugin-dts locally

@greptile-apps greptile-apps bot left a comment

4 files reviewed, no comments

@github-actions
Contributor

github-actions bot commented Nov 27, 2025

🚀 Preview Environment Ready!

Your preview environment is available at: http://bore.pub:44500

This environment will automatically shut down when the PR is closed or after 5 hours.

@cursor

cursor bot commented Dec 1, 2025

You have run out of free Bugbot PR reviews for this billing cycle. This will reset on January 15.

To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

@FelixMalfait FelixMalfait enabled auto-merge (squash) December 1, 2025 14:26
@FelixMalfait FelixMalfait merged commit 1fcb8b4 into main Dec 1, 2025
68 checks passed
@FelixMalfait FelixMalfait deleted the vite-plugin-relocation branch December 1, 2025 14:44
NotYen pushed a commit to NotYen/twenty-ym that referenced this pull request Dec 4, 2025
I was looking into [Dependabot Alert
107](https://github.com/twentyhq/twenty/security/dependabot/107) and
figured that the alert is caused by `vite-plugin-dts`, which is a
development dependency and does not make it into the production build
for it to be dangerous.

However, while at it, I also saw that some packages used plugins from
root package.json while others had them defined in their local
package.json. Therefore, I refactored to move plugins where they're
required and removed a redundant package.

Builds for the following succeed as intended:
- twenty-ui
- twenty-emails
- twenty-website
- twenty-front

Co-authored-by: Félix Malfait <felix.malfait@gmail.com>
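
An added example, not part of the PR or the twenty repository: a check that reports modules a workspace package imports in its vite.config.ts without declaring them in its own package.json, which is the root-versus-local inconsistency this change removes. The config sources and the `sharedFromRoot` allowance are constructed assumptions; package names and versions follow the review summary above.

```javascript
// Added example, not code from the twenty repository.
// Package names referenced by static `import` statements in a config file.
function importedPackages(source) {
  const re = /^\s*import\s+(?:[^'"]*?\sfrom\s+)?['"]([^'"]+)['"]/gm;
  const names = new Set();
  for (const [, spec] of source.matchAll(re)) {
    if (/^(\.|\/|node:)/.test(spec)) continue; // relative, absolute, builtin
    const parts = spec.split('/');
    names.add(spec.startsWith('@') ? parts.slice(0, 2).join('/') : parts[0]);
  }
  return [...names];
}

// Imports that resolve only through the root manifest. `sharedFromRoot` is an
// assumption: names deliberately kept at the root (core `vite`, per the summary).
function undeclaredImports(pkg, viteConfig, sharedFromRoot = ['vite']) {
  const declared = new Set([
    ...Object.keys(pkg.dependencies ?? {}),
    ...Object.keys(pkg.devDependencies ?? {}),
    ...sharedFromRoot,
  ]);
  return importedPackages(viteConfig).filter((n) => !declared.has(n)).sort();
}

function auditWorkspace(packages) {
  const report = {};
  for (const { pkg, viteConfig } of packages) {
    const missing = undeclaredImports(pkg, viteConfig);
    if (missing.length > 0) report[pkg.name] = missing;
  }
  return report;
}

// Constructed sample: vite.config.ts sources are illustrative, not the real files.
const CONFIGS = {
  'twenty-emails': "import { defineConfig } from 'vite';\nimport dts from 'vite-plugin-dts';\n",
  'twenty-front': "import checker from 'vite-plugin-checker';\nimport svgr from 'vite-plugin-svgr';\n",
};
const sample = (deps) => Object.keys(CONFIGS).map((name) => ({
  pkg: { name, devDependencies: deps[name] ?? {} }, viteConfig: CONFIGS[name] }));

const BEFORE = sample({}); // plugins declared only in the root package.json
const AFTER = sample({
  'twenty-emails': { 'vite-plugin-dts': '3.8.1' },
  'twenty-front': { 'vite-plugin-checker': '^0.10.2', 'vite-plugin-svgr': '^4.3.0' },
});
console.log('before:', JSON.stringify(auditWorkspace(BEFORE)));
console.log('after: ', JSON.stringify(auditWorkspace(AFTER)));
```

In a real workspace the `packages` array would be built by reading each package's package.json and vite.config.ts from disk.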