bedrock api response null type handling

[kothamah]

Relevant issues

Pre-Submission checklist

Please complete all items before asking a LiteLLM maintainer to review your PR

• I have Added testing in the tests/test_litellm/ directory, Adding at least 1 test is a hard requirement - see details
• My PR passes all unit tests on make test-unit
• My PR's scope is as isolated as possible, it only solves 1 specific problem
• I have requested a Greptile review by commenting @greptileai and received a Confidence Score of at least 4/5 before requesting a maintainer review

Delays in PR merge?

If you're seeing a delay in your PR being merged, ping the LiteLLM Team on Slack (#pr-review).

CI (LiteLLM team)

CI status guideline:

• 50-55 passing tests: main is stable with minor issues.
• 45-49 passing tests: acceptable but needs attention
• <= 40 passing tests: unstable; be careful with your merges and assess the risk.

• Branch creation CI run
  Link:

• CI run for the last commit
  Link:

• Merge / cherry-pick CI run
  Links:

Type

🆕 New Feature
🐛 Bug Fix
🧹 Refactoring
📖 Documentation
🚄 Infrastructure
✅ Test

Changes

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
litellm	Ready	Preview, Comment	Apr 7, 2026 8:34pm

[codspeed-hq]

Merging this PR will not alter performance

✅ 16 untouched benchmarks

---

_{Comparing kothamah:litellm_bedrock_api_response_null_type_handling (168b0a0) with main (f3bc200)}

[greptile-apps]

Greptile Summary

This PR fixes a TypeError: 'NoneType' object is not iterable crash triggered when the Bedrock Guardrails API returns explicit null for list fields such as piiEntities, regexes, customWords, managedWordLists, topics, filters, and assessments. The root cause is a Python subtlety: dict.get(key, []) only returns the default value when the key is absent — if the key exists with a None value, it returns None. The fix replaces every .get(key, []) call with .get(key) or [] across _redact_pii_matches(), _should_raise_guardrail_blocked_exception(), and apply_guardrail(), with clear inline comments explaining the reasoning.

• The fix is technically correct and consistent across all three affected methods
• New mock unit test classes (TestRedactPiiMatchesNullSafety, TestShouldRaiseGuardrailBlockedExceptionNullSafety, TestApplyGuardrailNullSafety) in tests/test_litellm/ comprehensively cover every null field scenario
• The previously removed test_bedrock_guardrail_blocked_vs_anonymized_actions (ANONYMIZED vs BLOCKED distinction) has been re-added to the unit test suite, addressing the concern from the previous review round

Confidence Score: 5/5

Safe to merge — the fix is correct, well-documented, and comprehensively tested with mock unit tests.

The null-safety fix is technically sound (Python dict.get() semantics are correctly handled), all three affected methods are patched consistently, and the new test classes cover every null-field combination. The previously flagged missing ANONYMIZED/BLOCKED test has been re-added to the unit test suite. No P0 or P1 issues remain.

No files require special attention.

Important Files Changed

Filename	Overview
litellm/proxy/guardrails/guardrail_hooks/bedrock_guardrails.py	Applies or [] null-safety fix across _redact_pii_matches, _should_raise_guardrail_blocked_exception, and apply_guardrail; fix is correct and well-documented with inline comments explaining Python dict.get() semantics
tests/test_litellm/proxy/guardrails/guardrail_hooks/test_bedrock_guardrails.py	New comprehensive mock unit tests covering all null-safety scenarios; HTTPException import at top level is correctly used at line 1179; test_bedrock_guardrail_blocked_vs_anonymized_actions re-added here
tests/guardrails_tests/test_bedrock_guardrails.py	Integration test file; some tests reorganized to the unit test suite; existing real-network-call tests remain in their appropriate integration test location

Sequence Diagram

sequenceDiagram
    participant C as Client
    participant BG as BedrockGuardrail
    participant BA as Bedrock API

    C->>BG: apply_guardrail(inputs)
    note over BG: texts = inputs.get("texts") or []
    alt texts is empty (None → [])
        BG-->>C: return inputs unchanged (no API call)
    else texts present
        BG->>BA: POST /guardrail/{id}/version/{v}/apply
        BA-->>BG: response (may contain null list fields)
        note over BG: assessments = response.get("assessments") or []
        loop for each assessment
            note over BG: piiEntities/regexes/topics/filters/customWords/managedWordLists\n= .get(key) or []  ← null-safe
        end
        alt any field action == BLOCKED
            BG-->>C: raise HTTPException(400)
        else ANONYMIZED or no match
            note over BG: _redact_pii_matches(response)\nsame or [] pattern — replace match → [REDACTED]
            BG-->>C: return masked inputs
        end
    end

Loading

_{Reviews (3): Last reviewed commit: "added changes based on the feedback" | Re-trigger Greptile}

[greptile-apps]

Missing test for the actual null-fix scenario

The core fix in this PR handles Bedrock returning explicit null for list fields (e.g. "piiEntities": null, "regexes": null, "assessments": null). However, none of the new tests exercise this exact code path. test__redact_pii_matches_malformed_response tests "not_a_list" (a truthy string that goes through the exception handler), but it does not test None (the actual Bedrock null scenario that the or [] pattern is intended to fix).

A specific test like the following would directly validate the fix:

@pytest.mark.asyncio
async def test__redact_pii_matches_null_list_fields():
    """Test that explicit null values from Bedrock API are handled correctly"""
    response_with_null_fields = {
        "action": "GUARDRAIL_INTERVENED",
        "assessments": [
            {
                "sensitiveInformationPolicy": {
                    "piiEntities": None,   # Bedrock can return explicit null
                    "regexes": None,        # same
                }
            }
        ],
    }
    # Should not raise TypeError: 'NoneType' object is not iterable
    redacted_response = _redact_pii_matches(response_with_null_fields)
    assert redacted_response is not None

Without this, the specific regression that motivated this PR is not validated by the test suite.

[greptile-apps]

Unused import

HTTPException is imported at the module level but is not used by any of the new test functions. The tests that previously referenced it (test_bedrock_guardrails_block_messages_api, test_bedrock_guardrails_block_responses_api) were removed.

Suggested change

from fastapi import HTTPException

(Remove the line entirely.)

[greptile-apps]

Removed mock test coverage for _should_raise_guardrail_blocked_exception

This PR also patches _should_raise_guardrail_blocked_exception with the same null-handling fix (for topics, filters, customWords, managedWordLists, piiEntities, regexes, grounding_filters), but the old test test_bedrock_guardrail_blocked_vs_anonymized_actions that covered this method was removed and not replaced.

The deleted test validated three distinct cases that are still important:

• ANONYMIZED actions should NOT raise an exception (returns False)
• BLOCKED actions SHOULD raise an exception (returns True)
• Mixed ANONYMIZED + BLOCKED should raise if ANY action is BLOCKED

These scenarios are critical to the guardrail's correctness and are now untested. Per the mock test integrity rule, a mock test should only be removed when it no longer reflects the intended behavior — these cases still represent correct expected behavior.

Rule Used: # Code Review Rule: Mock Test Integrity

What:... (source)

[CLAassistant]

All committers have signed the CLA.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[ishaan-berri]

@copilot resolve the merge conflicts in this pull request