Switch away from PII scrubbing in SaaS Sentry

[stevejalim]

We've been using self-hosted Sentry and the PII-scrubbing behaviour provided by it.

Now we're moving to SaaS Sentry and, while we trust it for PII scrubbing in the short term, it of course makes sense to scrub PII 100% before it leaves our systems.

Checklist

(link to relevant PR when it's ready)

• [x] bedrock - https://github.com/mozilla/bedrock/pull/11315
• [x] basket - https://github.com/mozmeao/basket/pull/813
• [x] ~snippets~
• [x] nucleus - https://github.com/mozilla/nucleus/pull/623

---

Notes

AMO is using this approach which we could replicate and extend for MEAO services.

Mat in AMO and I briefly discussed collaborating on a shared library but it seems to make more sense for now (until we all know whether we want to scrub the same kind of info, in the same way) we should work separately on implementations.

Given we will be adding this behaviour to Bedrock, Basket, Nucleus and Snippets, we should consider whether we do it as a small library, or just replicated code.

[stevejalim]

Chatting about it with Pmac, let's go with code duplication and focusing on Basket as our main concern as that's the service which handles PII (+ a little in Bedrock, when it hands newsletter sign-ups to Basket)

[pmac]

I found sentry-processor as well, which we can maybe just use, or if not at least have as some further inspiration. It's not a very active project, but the code is fairly simple and easy to grok.

[stevejalim]

@pmac Giving sentry-processor a whirl