Fix hyphaNamePattern regexp

There wasn't actually a vulnerability AFAIC because hypha names are
passed through CanonicalName which strips those characters, but fix it
anyway for the sake of correctness.

hyphae/hypha.go

@@ -8,7 +8,7 @@ import (
 )
 
 // hyphaNamePattern is a pattern which all hyphae names must match.
-var hyphaNamePattern = regexp.MustCompile(`[^?!:#@><*|"'&%{}]+`)
+var hyphaNamePattern = regexp.MustCompile(`^[^?!:#@><*|"'&%{}]+$`)
 
 // IsValidName checks for invalid characters and path traversals.
 func IsValidName(hyphaName string) bool {