yarnpkg/CVE-2022-37599.patch

diff -rupN --no-dereference yarn-1.22.22/node_modules/loader-utils/index.js yarn-1.22.22-new/node_modules/loader-utils/index.js
--- yarn-1.22.22/node_modules/loader-utils/index.js	2025-07-28 09:42:24.000000000 +0200
+++ yarn-1.22.22-new/node_modules/loader-utils/index.js	2025-07-31 00:36:49.585249573 +0200
@@ -299,7 +299,7 @@ exports.interpolateName = function inter
 	var url = filename;
 	if(content) {
 		// Match hash template
-		url = url.replace(/\[(?:(\w+):)?hash(?::([a-z]+\d*))?(?::(\d+))?\]/ig, function() {
+		url = url.replace(/\[(?:([^[:\]]+):)?hash(?::([a-z]+\d*))?(?::(\d+))?\]/ig, function() {
 			return exports.getHashDigest(content, arguments[1], arguments[2], parseInt(arguments[3], 10));
 		}).replace(/\[emoji(?::(\d+))?\]/ig, function() {
 			return encodeStringToEmoji(content, arguments[1]);