## Summary
This PR
[seals](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/seal)
`Object.prototype`, `String.prototype`, `Number.prototype`, and
`Function.prototype` on the Kibana server, which provides some measure
of protection against prototype pollution.
<details>
<summary>The Object.seal() static method seals an object.</summary>
**note** I currently have this marked as `backport:skip` to reduce the
risk of regressions in patch releases.
> The Object.seal() static method seals an object. Sealing an object
[prevents
extensions](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/preventExtensions)
and makes existing properties non-configurable. A sealed object has a
fixed set of properties: new properties cannot be added, existing
properties cannot be removed, their enumerability and configurability
cannot be changed, and its prototype cannot be re-assigned. Values of
existing properties can still be changed as long as they are writable.
seal() returns the same object that was passed in.
</details>
-----
## Help, this broke something!
Please let us know by opening an issue. If you need to get your
environment up and running quickly, you can disable these protections by
setting the `KBN_UNSAFE_DISABLE_PROTOTYPE_HARDENING` environment
variable to any truthy value.
This may be interfering with normal functionality if you encounter an
error similar to:
> Cannot add property foo, object is not extensible
Where `foo` is some arbitrary string.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
