feat: Update SES lockdown options

[leotm]

Description

Update SES lockdown options to improve error stacks

Set error taming to unsafe

• make error stacks also available by the error instance stack
• preserve error stack filtered content
• like we do in metamask-extension

Set stack filtering to verbose

• show full raw error info for each deep stack level
• preserve noise that the (default) concise option was removing

Follow-up to

• fix: regenerator-runtime and reenable SES (v1.1.0) on iOS (JSC) #8033

Ref: https://github.com/endojs/endo/blob/master/packages/ses/docs/reference.md#options-quick-reference

Nb: we're looking into a lockdown/repairIntrinsics option to disable touching errors entirely (for cases like ours involving React Native surfacing JS/Android/iOS errors, then later newer engine Hermes)

Related issues

• note: [Bug]: Sentry sourcemaps are incorrect #8352

Manual testing steps

Local testing in debug-mode:

• Update InitializeCore to enable SES in debug/dev mode
• Trigger an error somewhere in the app
  • new Error('test')
  • Sentry.captureException(new Error('test'))
• Check simulator
  • ensure original error preserved in call stack
  • ensure tapping error redirects to source code
• Check Sentry event
  • ensure original error preserved in call stack

But note above we're looking into a better lockdown option for React Native debug-mode,
since we disabled SES in debug-mode earlier from React Devtools interfering

Production testing:
After we merge #8373, we'll be able to ft toggle lockdown via our in-app settings menu, which will persist the choice and apply after the app has been rebooted

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I’ve followed MetaMask Coding Standards.
• I've clearly explained what problem this PR is solving and how it is solved.
• I've linked related issues
• I've included manual testing steps
• I've included screenshots/recordings if applicable
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.
• I’ve properly set the pull request status:
  • In case it's not yet "ready for review", I've set it to "draft".
  • In case it's "ready for review", I've changed it from "draft" to "non-draft".

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (ea21001) 40.43% compared to head (174c6f7) 40.43%.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8413   +/-   ##
=======================================
  Coverage   40.43%   40.43%           
=======================================
  Files        1239     1239           
  Lines       29976    29976           
  Branches     2875     2875           
=======================================
  Hits        12122    12122           
  Misses      17157    17157           
  Partials      697      697           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sonarqubecloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[github-actions]

E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/7526129e-61ba-40cf-af57-62d2bf4e8f50
You can also kick off another Bitrise E2E smoke test by removing and re-applying the (Run Smoke E2E) label

ios_e2e_build ✅
android_e2e_build ✅

run_smoke_e2e_ios_android_stage ✅

[sethkfman]

LGTM

[metamaskbot]

Missing release label release-7.16.0 on PR. Adding release label release-7.16.0 on PR and removing other release labels(release-7.17.0), as PR was cherry-picked in branch 7.16.0.