Check our parameter sanitisation and filtering for logging & sentry

[lukeify]

We have these lines of code in our backend_base variant:

rails-template/variants/backend-base/config/template.rb

Lines 20 to 22 in 89c633c

	gsub_file "config/initializers/filter_parameter_logging.rb", /\[:password\]/ do
	"%w[password secret session cookie csrf]"
	end

These have not been touched in several years and now differs from what Rails provides. We should re-establish what our baseline is here compared to vanilla Rails. Some questions:

• How many of our filter_parameters are valid in 2024?
• How many of our filter_parameters are devise-related?
• Do we want to append to the existing Rails configuration instead of performing a gsub?
• What is the intent behind the ssn in the Rails vanilla config? (Social Security Number?)
• Does Sentry look at this file to determine its own parameter filtering?
  • If no, should we align our Sentry and logging parameterization filtering?

[G-Rath]

This is what I currently have locally to address this:

gsub_file "config/initializers/filter_parameter_logging.rb", /\+= \[\n/ do
  "+= [:password, :secret, :session, :cookie, :csrf,\n"
end