fix: restore vite-tsconfig-paths for baseUrl resolution

[thomasheartman]

This is an attempt to fix the Enterprise build issue due to to theme/app.css not being found. Claude suggests that it may be related to Vite 8's built-in resolve.tsconfigPaths: true not handling baseUrl-relative resolution reliably.

I'm not positive that this will fix it, but it's a small change and it goes back to the way we did it before vite8, so it seems worth trying. It's hard to replicate locally, so this is probably the quickest way to validate it. For reference, the handling was updated in #11766.

Running the front end with this plugin makes vite emit this:

The plugin "vite-tsconfig-paths" is detected. Vite now supports tsconfig paths resolution natively via the resolve.tsconfigPaths option. You can remove the plugin and set resolve.tsconfigPaths: true in your Vite config instead.

However, there may still be some issues left to fix (e.g. vitejs/vite#21856 ; upstream PR to fix it oxc-project/oxc-resolver#1080)

Claude's summary:

Vite 8's built-in resolve.tsconfigPaths: true only handles paths mappings reliably; baseUrl-relative resolution is fragile in some environments (we hit it in enterprise's pnpm-driven prepack of OSS, where themes/app.css and similar bare imports failed to resolve).

The pre-Vite-8 vite-tsconfig-paths plugin handled both. Re-add it with the same plugin position as before, and drop the built-in flag to avoid two resolvers disagreeing on edge cases. Drop the plugin again once the built-in handler matures.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.
• ⚠️ 1 packages with OpenSSF Scorecard issues.

See the Details below.

OpenSSF Scorecard

Package	Version	Score	Details
npm/globrex	0.1.2	⚠️ 2.1	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Code-Review ⚠️ 1 Found 4/22 approved changesets -- score normalized to 1 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ -1 no dependencies found CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 License 🟢 10 license file detected
npm/tsconfck	3.1.6	🟢 3.5	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0 Code-Review ⚠️ 0 Found 1/19 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License ⚠️ 0 license file not detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/vite-tsconfig-paths	5.1.4	🟢 4.8	Details Check Score Reason Code-Review ⚠️ 0 Found 2/29 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 10 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• frontend/yarn.lock

[gastonfournier]

LG!

[Copilot]

Pull request overview

Restores the frontend’s explicit tsconfig path-resolution plugin so Vite resolves baseUrl imports the same way it did before the Vite 8 migration. In this codebase, that mainly supports frontend source imports like themes/* and component/* during build/prepack flows.

Changes:

• Re-add vite-tsconfig-paths to the frontend devDependencies and lockfile.
• Remove Vite 8’s built-in resolve.tsconfigPaths: true setting from the frontend config.
• Register the external tsconfigPaths() plugin in frontend/vite.config.mts.

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

File	Description
frontend/yarn.lock	Locks the newly restored vite-tsconfig-paths dependency and its transitive packages.
frontend/vite.config.mts	Switches frontend path resolution back from Vite’s built-in flag to the explicit plugin.
frontend/package.json	Declares vite-tsconfig-paths as a frontend dev dependency.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.