Fix Jackson and Scala vulnerabilities (#373)

* fix jackson and scala vulnerabilities

* fix

* fix

* lint

Author: Deegue

core/pom.xml

@@ -29,7 +29,7 @@
     <maven.compiler.source>1.8</maven.compiler.source>
     <maven.compiler.target>1.8</maven.compiler.target>
     <scala.version>2.12.15</scala.version>
-    <jackson.version>2.13.4</jackson.version>
+    <jackson.version>2.13.5</jackson.version>
     <scala.binary.version>2.12</scala.binary.version>
   </properties>
 
@@ -153,7 +153,7 @@
       <dependency>
         <groupId>com.fasterxml.jackson.core</groupId>
         <artifactId>jackson-databind</artifactId>
-        <version>2.13.4.2</version>
+        <version>${jackson.version}</version>
       </dependency>
       <dependency>
         <groupId>com.fasterxml.jackson.core</groupId>

core/raydp-main/pom.xml

@@ -240,23 +240,20 @@
         <artifactId>maven-assembly-plugin</artifactId>
         <version>3.0.0</version>
         <configuration>
-          <!--<descriptors>-->
-          <!--<decriptor>src/main/assembly/assembly.xml</decriptor>-->
-          <!--</descriptors>-->
           <appendAssemblyId>false</appendAssemblyId>
           <descriptorRefs>
             <descriptorRef>jar-with-dependencies</descriptorRef>
           </descriptorRefs>
         </configuration>
-        <executions>
+        <!-- <executions>
           <execution>
             <id>assembly</id>
             <phase>package</phase>
             <goals>
               <goal>single</goal>
             </goals>
           </execution>
-        </executions>
+        </executions> -->
       </plugin>
 
       <plugin>

core/raydp-main/src/main/scala/org/apache/spark/deploy/raydp/RayAppMaster.scala

@@ -119,9 +119,14 @@ class RayAppMaster(host: String,
         val id = PlacementGroupId.fromBytes(DatatypeConverter.parseHexBinary(hex))
         PlacementGroups.getPlacementGroup(id)
       }.orNull
-    private val bundleIndexes: List[Int] = conf.getOption("spark.ray.bundle_indexes")
-      .map(_.split(",").map(_.toInt).toList)
-      .getOrElse(List.empty)
+    private val bundleIndexesOpt: Option[Array[Int]] = conf.getOption("spark.ray.bundle_indexes")
+      .map(_.split(",").map(_.toInt))
+
+    private val bundleIndexesNum: Int = bundleIndexesOpt match {
+        case Some(n) => n.size
+        case None => 0
+      }
+
     private var currentBundleIndex: Int = 0
 
     override def receive: PartialFunction[Any, Unit] = {
@@ -316,9 +321,9 @@ class RayAppMaster(host: String,
     }
 
     private def getNextBundleIndex: Int = {
-      if (placementGroup != null && bundleIndexes.nonEmpty) {
+      if (placementGroup != null && bundleIndexesNum != 0) {
         val previous = currentBundleIndex
-        currentBundleIndex = (currentBundleIndex + 1) % bundleIndexes.size
+        currentBundleIndex = (currentBundleIndex + 1) % bundleIndexesNum
         previous
       } else {
         -1

core/shims/spark322/pom.xml

@@ -17,7 +17,7 @@
 
   <properties>
     <scala.version>2.12.15</scala.version>
-    <jackson.version>2.12.0</jackson.version>
+    <jackson.version>2.13.5</jackson.version>
   </properties>
 
   <build>

core/shims/spark330/pom.xml

@@ -17,7 +17,7 @@
 
   <properties>
     <scala.version>2.12.15</scala.version>
-    <jackson.version>2.13.3</jackson.version>
+    <jackson.version>2.13.5</jackson.version>
   </properties>
 
   <build>

core/shims/spark340/pom.xml

@@ -17,7 +17,7 @@
 
   <properties>
     <scala.version>2.12.15</scala.version>
-    <jackson.version>2.13.3</jackson.version>
+    <jackson.version>2.13.5</jackson.version>
   </properties>
 
   <build>