In Iteration H, the Book calls out that you should not store credit card information in a database or in the log and then instructs the user to filter them out (PDF page 212).

config.filter_parameters += [ :credit_card_number ]

When invoking ActiveJob in the Orders Controller on PDF page 232, the code invokes the job and then the credit card number is logged as plain text.

ChargeOrderJob.perform_later(@order,pay_type_params.to_h)

Rails 6.1 (currently on master) will have the ability to prevent logging of ActiveJob parameters.

class ChargeOrderJob < ApplicationJob
  queue_as :default
  # works on rails >= 6.1 only
  self.log_arguments = false

  def perform(order, pay_type_params)
    order.charge!(pay_type_params)
  end
end

It might be worth mentioning in the blurb on page 212 (noting that you need to be mindful of the entire chain of custody of sensitive data) or around the section on 232, that you need to beware of accidentally leaking sensitive parameters in plain text to ActiveJob.