Prevent accidental serialization of `Account` and `User` records

app/models/account.rb

@@ -86,6 +86,7 @@ class Account < ApplicationRecord
   include DomainMaterializable
   include DomainNormalizable
   include Paginable
+  include NoImplicitSerialization
 
   enum :protocol, { ostatus: 0, activitypub: 1 }
   enum :suspension_origin, { local: 0, remote: 1 }, prefix: true

app/models/concerns/no_implicit_serialization.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module NoImplicitSerialization
+  # Prevent implicit serialization in ActiveModel::Serializer or other code paths.
+  # This is a hardening step to avoid accidental leaking of attributes.
+  def as_json
+    raise NotImplementedError
+  end
+end

app/models/user.rb

@@ -59,6 +59,7 @@ class User < ApplicationRecord
   include User::LdapAuthenticable
   include User::Omniauthable
   include User::PamAuthenticable
+  include NoImplicitSerialization
 
   # The home and list feeds will be stored in Redis for this amount
   # of time, and status fan-out to followers will include only people