build(deps): bump @lifeomic/alpha from 5.2.0 to 7.1.0

[dependabot]

Bumps @lifeomic/alpha from 5.2.0 to 7.1.0.

Commits

• b28fe22 Merge pull request #203 from lifeomic/feat/xray-lambda-tracing
• ff24829 fix(xray): pin @​aws-sdk/types for Node 14+ CI compatibility
• e5e7187 feat: emit X-Ray subsegment on every lambda:// invoke
• 1eb48dd Merge pull request #199 from lifeomic/dependabot/npm_and_yarn/follow-redirect...
• d054864 build(deps): bump follow-redirects from 1.15.11 to 1.16.0
• 0807285 Merge pull request #198 from lifeomic/dependabot/npm_and_yarn/axios-1.15.0
• ff9fc45 build(deps): bump axios from 1.13.5 to 1.15.0
• 4689531 Merge pull request #197 from lifeomic/dependabot/npm_and_yarn/lodash-4.18.1
• 7b7e7d9 build(deps): bump lodash from 4.17.23 to 4.18.1
• 4c6cd1d Merge pull request #194 from lifeomic/chore/fix-axios-upgrade-tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[lifeomic-review-bot]

Blocking: Major bump 5.2.0 → 7.1.0 transitively upgrades axios to 1.x, which sends accept-encoding instead of accept as a default header. Running yarn test fails 8 cases in test/request-headers.test.ts and test/proxy.test.ts that assert exact header key lists. Update those tests (or defer the bump) before merge.

This review was generated by review-bot.

[lifeomic-review-bot]

Upstream: lifeomic/alpha — compare v5.2.0...v7.1.0 (see PR body commits).

Scope

Dependabot bumps the sole production dependency @lifeomic/alpha from ^5.2.0 to ^7.1.0 in package.json with a matching yarn.lock refresh. No application source files are in changedFiles; the CLI continues to use Alpha, AlphaOptions, AlphaResponse, and client.request() unchanged.

CI

CI is still pending in context; locally, yarn test (lint + tsc + jest) exits non-zero with 8 failing tests in test/request-headers.test.ts and test/proxy.test.ts.

Regression risk

[blocking] This is a two-major semver jump (5 → 7). @lifeomic/alpha@7.1.0 pulls axios ^1.6.0, which changes default outbound headers: tests now observe accept-encoding where they expected accept. Custom headers and core request/proxy/lambda flows still pass (29/37 tests green), but header assertions are brittle and CI will fail until tests are updated.

Approval is withheld until the test suite is aligned with alpha 7 / axios 1.x default headers (replace accept with accept-encoding in expected key lists, or assert behavior without pinning exact default header names).

Residual risks / follow-ups

• After test fixes, confirm lambda-handler and signed-request paths under CI (Node 18 per workflow).
• Alpha 7 adds X-Ray subsegments on lambda:// invokes — no CLI code changes required, but worth a quick smoke test if you rely on local lambda emulation.

Note: Review generated using Cursor model composer-2.5.

This review was generated by review-bot.