Security update with sensible defaults for Electron fuses

Not using ASAR integrity for now since it's not stable on Electron v37.

V8 snapshots to effectively pre-render app startup would be neat but
seems a bit complicated for now.

Author: pimterry

package.json

@@ -128,7 +128,17 @@
     "appImage": {
       "artifactName": "HttpToolkit-${version}-${arch}.${ext}"
     },
-    "publish": null
+    "publish": null,
+    "electronFuses": {
+      "runAsNode": false,
+      "enableCookieEncryption": true,
+      "enableNodeOptionsEnvironmentVariable": false,
+      "enableNodeCliInspectArguments": false,
+      "onlyLoadAppFromAsar": true,
+      "loadBrowserProcessSpecificV8Snapshot": false,
+      "grantFileProtocolExtraPrivileges": false,
+      "resetAdHocDarwinSignature": false
+    }
   },
   "dependencies": {
     "@httptoolkit/util": "^0.1.8",