Merge branch 'release/4.0.4' into v4

Author: khalwat

CHANGELOG.md

@@ -2,6 +2,10 @@
 
 All notable changes to this project will be documented in this file.
 
+## 4.0.4 - 2025.06.10
+### Fixed
+* Remove errant dependency on SEOmatic in the `SecurityPolicy` helper class
+
 ## 4.0.3 - 2025.06.08
 ### Added
 * Add an example `config/blacklist-sandbox.php` and `config/whitelist-sandbox.php` files for user-customizable Twig sandbox environments

composer.json

@@ -1,7 +1,7 @@
 {
   "name": "nystudio107/craft-twig-sandbox",
   "description": "Allows you to easily create a sandboxed Twig environment where you can control what tags, filters, functions, and object methods/properties are allowed",
-  "version": "4.0.3",
+  "version": "4.0.4",
   "keywords": [
     "craft",
     "cms",

phpstan.neon

@@ -3,5 +3,6 @@ includes:
 
 parameters:
     level: 5
+    phpVersion: 80002 # PHP 8.0.2
     paths:
         - src

src/helpers/SecurityPolicy.php

@@ -4,9 +4,7 @@
 
 use Craft;
 use craft\helpers\ArrayHelper;
-use craft\helpers\StringHelper;
 use nystudio107\crafttwigsandbox\twig\BaseSecurityPolicy;
-use nystudio107\seomatic\Seomatic;
 use function is_array;
 
 class SecurityPolicy
@@ -57,7 +55,7 @@ public static function getConfigFromFile(string $filePath, ?string $alias = null
         $mergedConfig = [];
         /** @var array $config */
         foreach ($config as $env => $envConfig) {
-            if ($env === '*' || StringHelper::contains(Seomatic::$environment, $env)) {
+            if ($env === '*') {
                 $mergedConfig = ArrayHelper::merge($mergedConfig, $envConfig);
             }
         }

src/twig/BlacklistSecurityPolicy.php

@@ -62,7 +62,7 @@ public function checkMethodAllowed($obj, $method): void
             return;
         }
 
-        $method = strtr($method, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
+        $method = strtolower($method);
         $allowed = true;
         foreach ($this->getTwigMethods() as $class => $methods) {
             if ($obj instanceof $class) {
@@ -85,7 +85,7 @@ public function checkMethodAllowed($obj, $method): void
     public function checkPropertyAllowed($obj, $property): void
     {
         $allowed = true;
-        $property = strtr($property, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
+        $property = strtolower($property);
         foreach ($this->getTwigProperties() as $class => $properties) {
             if ($obj instanceof $class) {
                 if ($properties[0] === '*' || in_array($property, $properties, true)) {

src/twig/WhitelistSecurityPolicy.php

@@ -62,7 +62,7 @@ public function checkMethodAllowed($obj, $method): void
             return;
         }
 
-        $method = strtr($method, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
+        $method = strtolower($method);
         $allowed = false;
         foreach ($this->getTwigMethods() as $class => $methods) {
             if ($obj instanceof $class) {
@@ -85,7 +85,7 @@ public function checkMethodAllowed($obj, $method): void
     public function checkPropertyAllowed($obj, $property): void
     {
         $allowed = false;
-        $property = strtr($property, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
+        $property = strtolower($property);
         foreach ($this->getTwigProperties() as $class => $properties) {
             if ($obj instanceof $class) {
                 if ($properties[0] === '*' || in_array($property, $properties, true)) {