Why does @emotion/react depend on an outdated @types/parse-json version, and is there a plan to update it?

[satyakumar070497-oss]

Hi team,

we are using @emotion/react in a production React project and noticed that it pulls in an outdated transitive dependency:
• @types/parse-json@4.0.2

This comes from the following dependency chain:

@emotion/react
→ @emotion/babel-plugin
→ babel-plugin-macros
→ cosmiconfig
→ @types/parse-json@4.0.2

There are no known vulnerabilities with this package, but it hasn’t been updated for a
long time and automated dependency scanners flag it as outdated or unmaintained.

Questions

1. Is this dependency still required in Emotion’s build toolchain?
2. Is there a plan to update or remove it in future versions?
3. Is this safe to ignore for production use, or is there recommended guidance for users?

Additional context
The dependency is not used directly by our application; it only appears through the
build pipeline. We are trying to determine whether this can be modernized or whether it
is expected for Emotion to rely on this older package.

Thanks for any guidance!
Satya.

[Andarist]

Removing it right now would be a breaking change. We want to remove it in the next major release of Emotion. In the meantime... you could check if babel-plugin-macros could update its dependency on cosmiconfig. I think that using the new version of the dependency would address your concern