feat(commons): add anonhymizer to whitelist props in logs [WPB-24990]

[e-maad]

WPB-24990 [Web] User names are visible in the logs

Pull Request

Summary

Added anonymizer for whitelist properties visible in logs

Security Checklist (required)

• External inputs are validated & sanitized on client and/or server where applicable.
• API responses are validated; unexpected shapes are handled safely (fallbacks or errors).
• No unsafe HTML is rendered; if unavoidable, sanitization is applied and documented where it happens.
• Injection risks (XSS/SQL/command) are prevented via safe APIs and/or escaping.

Accessibility (required)

• I have read and this PR upholds our Accessibility Best Practices.

Standards Acknowledgement (required)

• I have read and this PR upholds our Coding Standards and Tech Radar Choices.

---

Screenshots or demo (if the user interface changed)

Notes for reviewers

• Trade-offs:
• Follow-ups (linked issues):
• Linked PRs (e.g. web-packages):

[screendriver]

anonhymizer should be anonymizer in the Git commit message and pull request description

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[screendriver]

I'm concerned that this change wires the app directly to the concrete @uphold/anonymizer implementation (anonymize is exported as a library-specific instance), instead of introducing an explicit boundary.

I recommend we keep this behind a stable interface and inject the implementation where needed. This keeps call sites decoupled, improves testability (easy deterministic stubs) and makes future library swaps/config changes low-risk.