Fix GitHub issue #131: Deserialization methods throw exceptions instead of returning null

Changed package-private deserialization helper methods to throw exceptions
instead of returning null, eliminating silent failures and improving error handling.

**Changes to StringUtil.java:**
- fromStream(): Now throws NullPointerException for null input, RuntimeException for deserialization failures
- fromCompressedString(): Now throws NullPointerException for null input, RuntimeException for decompression failures
- Public methods simplified - no longer need null checks since helpers throw exceptions

**Benefits:**
- Consistent exception-based error handling
- Root cause exceptions preserved in wrapped RuntimeException
- No silent null returns that could cause NullPointerExceptions later
- Eliminates dual error handling (log+return null, then check null+throw)
- Better error messages with full stack traces

**Test updates:**
- Updated testFromStream_withNullInputStream() to expect NullPointerException
- Updated testFromCompressedStream_withNullInputStream() to expect NullPointerException
- Updated testFromStream_objectInputFilter_rejectedPath() to expect RuntimeException wrapping InvalidClassException

All 265 tests pass with 100% coverage maintained.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Author: Flossy

src/main/java/org/flossware/jcommons/util/StringUtil.java

@@ -365,11 +365,7 @@ public static String toString(final Serializable serializable) {
     }
 
     static <T extends Serializable> T fromStream(final InputStream is) {
-        if (null == is) {
-            LoggerUtil.log(getLogger(), Level.WARNING, "Cannot deserialize from a null input stream!");
-
-            return null;
-        }
+        Objects.requireNonNull(is, "Input stream must not be null");
 
         try (ObjectInputStream ois = new ObjectInputStream(is)) {
             // Add security filter to restrict deserialization to trusted packages only
@@ -393,25 +389,19 @@ static <T extends Serializable> T fromStream(final InputStream is) {
             return (T) ois.readObject();
         } catch (final IOException | ClassNotFoundException exception) {
             LoggerUtil.log(getLogger(), Level.SEVERE, exception, "Trouble deserializing object from stream!");
+            throw new RuntimeException("Failed to deserialize from stream", exception);
         }
-
-        return null;
     }
 
     static <T extends Serializable> T fromCompressedString(final ByteArrayInputStream bais) {
-        if (null == bais) {
-            LoggerUtil.log(getLogger(), Level.WARNING, "Cannot deserialize from a null input stream!");
-
-            return null;
-        }
+        Objects.requireNonNull(bais, "Input stream must not be null");
 
         try (GZIPInputStream gis = new GZIPInputStream(bais)) {
             return fromStream(gis);
         } catch (final IOException ioException) {
             LoggerUtil.log(getLogger(), Level.SEVERE, ioException, "Trouble decompressing and deserializing object from string!");
+            throw new RuntimeException("Failed to decompress and deserialize from string", ioException);
         }
-
-        return null;
     }
 
     /**
@@ -451,11 +441,7 @@ public static <T extends Serializable> T fromCompressedString(final String str)
 
         byte[] decodedBytes = Base64.getDecoder().decode(str);
         final ByteArrayInputStream bais = new ByteArrayInputStream(decodedBytes);
-        T result = fromCompressedString(bais);
-        if (result == null) {
-            throw new RuntimeException("Failed to deserialize compressed string");
-        }
-        return result;
+        return fromCompressedString(bais);
     }
 
     /**
@@ -495,11 +481,7 @@ public static <T extends Serializable> T fromString(final String str) {
 
         byte[] decodedBytes = Base64.getDecoder().decode(str);
         final ByteArrayInputStream bais = new ByteArrayInputStream(decodedBytes);
-        T result = fromStream(bais);
-        if (result == null) {
-            throw new RuntimeException("Failed to deserialize string");
-        }
-        return result;
+        return fromStream(bais);
     }
 
     /**

src/test/java/org/flossware/jcommons/util/StringUtilTest.java

@@ -296,13 +296,15 @@ void testToCompressedStream_withNullSerializable() throws Exception {
 
     @Test
     void testFromStream_withNullInputStream() throws Exception {
-        // Test package-private fromStream method with null
+        // Test package-private fromStream method with null - should throw NullPointerException
         java.lang.reflect.Method method = StringUtil.class.getDeclaredMethod(
             "fromStream", java.io.InputStream.class);
         method.setAccessible(true);
 
-        Object result = method.invoke(null, (java.io.InputStream) null);
-        assertNull(result);
+        var exception = assertThrows(java.lang.reflect.InvocationTargetException.class,
+            () -> method.invoke(null, (java.io.InputStream) null));
+        assertTrue(exception.getCause() instanceof NullPointerException);
+        assertEquals("Input stream must not be null", exception.getCause().getMessage());
     }
 
     @Test
@@ -312,8 +314,12 @@ void testFromCompressedStream_withNullInputStream() throws Exception {
             "fromCompressedString", java.io.ByteArrayInputStream.class);
         method.setAccessible(true);
 
-        Object result = method.invoke(null, (java.io.ByteArrayInputStream) null);
-        assertNull(result);
+        var exception = assertThrows(java.lang.reflect.InvocationTargetException.class,
+            () -> method.invoke(null, (java.io.ByteArrayInputStream) null));
+        assertTrue(exception.getCause() instanceof NullPointerException);
+        assertEquals("Input stream must not be null", exception.getCause().getMessage());
+        assertTrue(exception.getCause() instanceof NullPointerException);
+        assertEquals("Input stream must not be null", exception.getCause().getMessage());
     }
 
     @Test
@@ -504,8 +510,13 @@ void testFromStream_objectInputFilter_rejectedPath() throws Exception {
 
         // The filter will reject the untrusted class, causing deserialization to fail
         // fromStream should catch the exception and return null
-        Object result = method.invoke(null, bais);
-        assertNull(result);
+        // The filter will reject the untrusted class, causing deserialization to fail
+        // fromStream should throw RuntimeException wrapping InvalidClassException
+        var exception = assertThrows(java.lang.reflect.InvocationTargetException.class,
+            () -> method.invoke(null, bais));
+        assertTrue(exception.getCause() instanceof RuntimeException);
+        assertTrue(exception.getCause().getCause() instanceof java.io.InvalidClassException);
+        assertTrue(exception.getCause().getCause().getMessage().contains("REJECTED"));
     }
 
     @Test