Fix security concern

Author: spalmurray

src/firetower/incidents/tests/test_views.py

@@ -360,8 +360,12 @@ def test_sync_participants_endpoint_handles_errors(self):
 
             assert response.status_code == 500
             assert response.data["success"] is False
-            assert "Slack API error" in response.data["error"]
+            assert response.data["error"] == "Failed to sync participants from Slack"
             assert len(response.data["stats"]["errors"]) > 0
+            assert (
+                response.data["stats"]["errors"][0]
+                == "Failed to sync participants from Slack"
+            )
 
     def test_sync_participants_endpoint_respects_privacy(self):
         """Test sync endpoint returns 404 for private incidents user can't access"""

src/firetower/incidents/views.py

@@ -152,11 +152,13 @@ def post(self, request: Request, incident_id: str) -> Response:
                 f"Failed to force sync participants for incident {incident.id}: {e}",
                 exc_info=True,
             )
-            error_stats = ParticipantsSyncStats(errors=[str(e)])
+            error_stats = ParticipantsSyncStats(
+                errors=["Failed to sync participants from Slack"]
+            )
             return Response(
                 {
                     "success": False,
-                    "error": str(e),
+                    "error": "Failed to sync participants from Slack",
                     "stats": asdict(error_stats),
                 },
                 status=500,