Change default value of --disable-sandbox

[fthomas]

This changes the default value of the --disable-sandbox option from
false to true. I think this is a better default since sandboxed
execution is only useful when the operator of Scala Steward does not
trusts the repositories it is working on. This is only true for public
instances and (almost) never true for private instances. And there are
a lot more private than public instances.

Other arguments for this change are that firejail does not work inside
Docker and that documentation and setup become simpler.

To enable sandboxed execution, --disable-sandbox=false or the newly
added --enable-sandbox option can be used.

[codecov]

Codecov Report

Merging #1719 into master will not change coverage.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##           master    #1719   +/-   ##
=======================================
  Coverage   73.99%   73.99%           
=======================================
  Files         115      115           
  Lines        1957     1957           
  Branches       55       50    -5     
=======================================
  Hits         1448     1448           
  Misses        509      509           

Impacted Files	Coverage Δ
.../scala/org/scalasteward/core/application/Cli.scala	100.00% <ø> (ø)
...ala/org/scalasteward/core/application/Config.scala	89.65% <100.00%> (ø)
...in/scala/org/scalasteward/core/io/ProcessAlg.scala	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8e304de...d996533. Read the comment docs.

[xuwei-k]

🤔

- enableSandbox = args.enableSandbox.getOrElse(args.disableSandbox)
+ enableSandbox = args.enableSandbox.getOrElse(!args.disableSandbox)

[fthomas]

🤦 Of course! Thanks for noticing! If you want to, you can submit a PR changing this. Or I'll do it later.