Bump com.gradleup.shadow from 9.0.2 to 9.4.2 in /auth-service

[dependabot]

Bumps com.gradleup.shadow from 9.0.2 to 9.4.2.

Release notes

Sourced from com.gradleup.shadow's releases.

9.4.2

Changed

• Update jdependency to support Java 27. (#2033)

9.4.1

Changed

• Update Kotlin to 2.3.20. (#1978)

9.4.0

Added

• Support Isolated Projects. (#1139)

Changed

• Allow opting out of adding shadowJar into assemble lifecycle. (#1939)

  shadow {
    // Disable making `assemble` task depend on `shadowJar`. This is enabled by default.
    addShadowJarToAssembleLifecycle = false
  }

• Stop catching ZipException when writing entries. (#1970)

Fixed

• Fix interaction with Gradle artifact transforms. (#1345)
• Fix skipStringConstants per-relocator behavior in mapName. (#1968)
• Fix failing for non-existent class directories. (#1976)

9.3.2

Changed

• Stop moving gradleApi dependency from api to compileOnly for Gradle 9.4+. (#1919)
• Log warnings for duplicates in the final JAR. (#1931)

Fixed

• Fix relocation patterns not included in task fingerprint. (#1933)

9.3.1

Fixed

• Use ASM from jdependency embedded. (#1898)
  This fixes potential classpath conflicts when using Shadow with other plugins that also use ASM.

9.3.0

Added

... (truncated)

Commits

• 29c432a Prepare version 9.4.2
• 8aa8e6c Update dependency org.vafer:jdependency to v2.16 (#2033)
• f98d8f2 Prepare version 9.4.1
• 7cf1ac5 Note #1978 in changelog
• 539d532 Update plugin jetbrains-dokka to v2.2.0 (#1994)
• 0fb99ca Update actions/deploy-pages action to v5 (#1993)
• 38ec3e2 Update Develocity to v4.4.0 (#1992)
• e519072 Update gradle/actions action to v6 (#1990)
• ca0dd71 Update pluginPublish to v2.1.1 (#1989)
• 5a1ab58 Update Gradle to v9.4.1 (#1988)
• Additional commits viewable in compare view

[wiz-72cad32f19]

 Software Management Finding - Software License

Code library with Restrictive license

More Details

Code library com.sun.mail:jakarta.mail version 2.0.2 has GPL-2.0-with-classpath-exception license, categorized as Restrictive, its use may cause a supply chain licensing issue.

Remediation guidance

• Review the license terms to understand its specific rules.
• If needed, Replace this component immediately with an alternative using a permissive license (e.g., MIT, Apache 2.0).
• Consult your legal team if the component is business-critical or the terms are unclear.

To ignore this finding as an exception, reply to this conversation with #wiz_ignore reason

If you'd like to ignore this finding in all future scans, add an exception in the .wiz file (learn more) or create an Ignore Rule (learn more).

To get more details on how to remediate this issue using AI, reply to this conversation with #wiz remediate

[dependabot]

Looks like com.gradleup.shadow is no longer a dependency, so this is no longer needed.