Merge pull request #2939 from sherlock-project/fix-vuln

Fix command injection vuln

.github/workflows/validate_modified_targets.yml

@@ -20,6 +20,7 @@ jobs:
           # Checkout the base branch but fetch all history to avoid a second fetch call
           ref: ${{ github.base_ref }}
           fetch-depth: 0
+          persist-credentials: false
 
       - name: Set up Python
         uses: actions/setup-python@v6
@@ -90,11 +91,11 @@ jobs:
       # --- The rest of the steps below are unchanged ---
 
       - name: Validate modified targets
-        if: steps.discover-modified.outputs.changed_targets != ''
-        continue-on-error: true
+        env:
+          CHANGED_TARGETS: ${{ steps.discover-modified.outputs.changed_targets }}
         run: |
           poetry run pytest -q --tb no -rA -m validate_targets -n 20 \
-            --chunked-sites "${{ steps.discover-modified.outputs.changed_targets }}" \
+            --chunked-sites "$CHANGED_TARGETS" \
             --junitxml=validation_results.xml
 
       - name: Prepare validation summary

pyproject.toml

@@ -8,7 +8,7 @@ source = "init"
 
 [tool.poetry]
 name = "sherlock-project"
-version = "0.16.0"
+version = "0.16.1"
 description = "Hunt down social media accounts by username across social networks"
 license = "MIT"
 authors = [