From 66dd3689c403b05bbe4970192efd13e7af802525 Mon Sep 17 00:00:00 2001
From: Mike McCready <66998419+MikeMcC399@users.noreply.github.com>
Date: Thu, 5 Sep 2024 21:32:56 +0200
Subject: [PATCH] dependency: update loader-utils to 1.4.2 (#30159)

* dependency: update loader-utils to 1.4.2

* move changelog to new release

* run ci

* run ci
---
 cli/CHANGELOG.md | 8 ++++++++
 yarn.lock        | 6 +++---
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/cli/CHANGELOG.md b/cli/CHANGELOG.md
index 46aca11025b4..eb03c89f8484 100644
--- a/cli/CHANGELOG.md
+++ b/cli/CHANGELOG.md
@@ -1,4 +1,12 @@
 <!-- See the ../guides/writing-the-cypress-changelog.md for details on writing the changelog. -->
+## 13.14.3
+
+_Released 9/10/2024 (PENDING)_
+
+**Dependency Updates:**
+
+- Updated `loader-utils` from `1.4.0` to `1.4.2`. This removes the [CVE-2022-37601](https://nvd.nist.gov/vuln/detail/CVE-2022-37601) vulnerability being reported in security scans. Addresses [#28208](https://github.com/cypress-io/cypress/issues/28208).
+
 ## 13.14.2
 
 _Released 9/4/2024_
diff --git a/yarn.lock b/yarn.lock
index 28e90bdf2048..b200bb832fa9 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -20680,9 +20680,9 @@ loader-runner@^4.2.0:
   integrity sha512-3R/1M+yS3j5ou80Me59j7F9IMs4PXs3VqRrm0TU3AbKPxlmpoY1TNscJV/oGJXo8qCatFGTfDbY6W6ipGOYXfg==
 
 loader-utils@^1.1.0, loader-utils@^1.2.3:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.4.0.tgz#c579b5e34cb34b1a74edc6c1fb36bfa371d5a613"
-  integrity sha512-qH0WSMBtn/oHuwjy/NucEgbx5dbxxnxup9s4PVXJUDHZBQY+s0NWA9rJf53RBnQZxfch7euUui7hpoAPvALZdA==
+  version "1.4.2"
+  resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.4.2.tgz#29a957f3a63973883eb684f10ffd3d151fec01a3"
+  integrity sha512-I5d00Pd/jwMD2QCduo657+YM/6L3KZu++pmX9VFncxaxvHcru9jx1lBaFft+r4Mt2jK0Yhp41XlRAihzPxHNCg==
   dependencies:
     big.js "^5.2.2"
     emojis-list "^3.0.0"