Releases: BerriAI/litellm
Releases · BerriAI/litellm
v1.83.10-nightly
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.10-nightlyVerify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.10-nightly/cosign.pub \
ghcr.io/berriai/litellm:v1.83.10-nightlyExpected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
⚠️ Breaking Changes
- Python 3.9 is no longer supported. The minimum required Python version is now 3.10 (
requires-pythonchanged from>=3.9, <3.14to>=3.10, <3.14). Python 3.9 reached end-of-life in October 2025. See #26022.
What's Changed
- fix: batch-limit stale managed object cleanup to prevent 300K row UPDATE by @ishaan-berri in #25227
- [bug-fix]return actual status code - /v1/messages/count_tokens endpoint by @otaviofbrito in #21352
- feat(teams): per-member model scope + team default_team_member_models by @ishaan-berri in #24950
- feat: multiple concurrent budget windows per API key and team (#24883) by @ishaan-berri in #25109
- [Fix] Restrict x-pass- header forwarding for credential and protocol headers by @yuneng-berri in #25916
- [Fix] Tighten api_key value check in credential validation by @yuneng-berri in #25917
- fix(ocr): add missing Mistral OCR params to allowlist by @michelligabriele in #25858
- Add capability to override default GitHub Copilot authentication endp… by @steromano87 in #25915
- fix: return None for routing_strategy_args when strategy is not latency-based by @ryan-crabbe-berri in #25882
- Refactor: extract shared PKCE helpers into utils/pkce.ts by @ryan-crabbe-berri in #25878
- fix(proxy): enforce organization boundaries in admin operations by @stuxf in #25904
- fix(proxy): read guardrail config from admin metadata, fix tag routing consistency by @stuxf in #25905
- fix(proxy): add URL validation for user-supplied URLs by @stuxf in #25906
- Add support for grok-4.20-0309-reasoning model by @Sameerlite in #25930
- docs: add "Copy Page as Markdown" + llms.txt to docs site by @krrish-berri-2 in #25975
- [WIP][Perf] Litellm prometheus improvements by @harish-berri in #25934
- [Infra] Merge dev branch by @yuneng-berri in #25972
- Litellm ishaan april6 by @ishaan-berri in #25256
- [Fix] Agent endpoint and routing permission checks by @yuneng-berri in #25922
- [Fix] Remove unresolved merge conflict markers in bedrock test file by @yuneng-berri in #25995
- [Feature] UI - Settings: Claude Code BYOK support by @yuneng-berri in #25998
- chore(ui): migrate GuardrailTestPlayground off @tremor/react to antd by @ryan-crabbe-berri in #25749
- chore(ui): migrate router_settings page from Tremor to antd by @ryan-crabbe-berri in #25879
- feat(ocr/azure-di): support Mistral-style pages param via analyze query string by @shivamrawat1 in #25929
- feat(helm): add tpl support to extraContainers and extraInitContainers by @jlav in #25494
- fix(bedrock): prevent negative streaming costs for start-only cache usage by @Sameerlite in #25846
- fix(proxy): prioritize reasoning health-check max token precedence by @Sameerlite in #25936
- Litellm persist default router end budget by @shivamrawat1 in #25991
- fix(ui): extra_headers not persisting on MCP server edit by @ryan-crabbe-berri in #26003
- [Fix] UI - Keys: strip empty premium fields from key update payload by @yuneng-berri in #26023
- [Fix] Resolve prometheus_helpers file/package shadow breaking /global/spend/logs by @yuneng-berri in #26026
- fix: enforce project-level model-specific rate limits in parallel_req… by @shivamrawat1 in #25994
- [Infra] Merge dev branch by @yuneng-berri in #25983
- [Infra] Bump proxy dependencies and raise minimum Python to 3.10 by @yuneng-berri in #26022
- fix(mcp): restore PKCE-triggering 401 when no stored per-user token exists by @ishaan-berri in #26032
- feat: configurable multi-threshold budget alerts for virtual keys by @ryan-crabbe-berri in #25989
- [Infra] Build UI by @yuneng-berri in #26033
- bump: version 1.83.9 → 1.83.10 by @yuneng-berri in #26038
- bump litellm-proxy-extras to 0.4.67 by @ishaan-berri in #26043
- [Infra] Promote staging to main by @yuneng-berri in #26044
New Contributors
- @steromano87 made their first contribution in #25915
- @harish-berri made their first contribution in #25934
- @jlav made their first contribution in #25494
Full Changelog: v1.83.9-nightly...v1.83.10-nightly
Contributors
steromano87, jlav, and 10 other contributors
Assets 2
v1.83.7-stable
e0d5c28
This commit was signed with the committer’s verified signature.
shivamrawat1
Shivam Rawat
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.7-stableVerify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.7-stable/cosign.pub \
ghcr.io/berriai/litellm:v1.83.7-stableExpected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- Litellm docs 1 83 3 by @ishaan-berri in #25166
- [Nit] Small docs fix, fixing img + folder name by @ishaan-berri in #25171
- docs: week 1 checklist by @mubashir1osmani in #25083
- [Docs] Add cosign Docker image verification steps to security blog posts by @yuneng-berri in #25122
- [Infra] Remove flaky proxy_e2e_azure_batches_tests CI workflow by @yuneng-berri in #25247
- [Docs] Enforce Black Formatting in Contributor Docs by @yuneng-berri in #25135
- [Infra] Remove Redundant Matrix Unit Test Workflow by @yuneng-berri in #25251
- feat: add POST /team/permissions_bulk_update endpoint by @ryan-crabbe-berri in #25239
- fix: batch-limit stale managed object cleanup to prevent 300K row UPD… by @ishaan-berri in #25258
- bump litellm-enterprise to 0.1.37 by @ishaan-berri in #25265
- bump litellm version to 1.83.4 by @ishaan-berri in #25266
- Litellm aws gov cloud mode support by @shivamrawat1 in #25254
- [Fix] Update check_responses_cost tests for _expire_stale_rows by @yuneng-berri in #25299
- [Test] UI - E2E: Add Playwright tests with local PostgreSQL by @yuneng-berri in #25126
- [Fix] Dockerfile.non_root: handle missing .npmrc gracefully by @yuneng-berri in #25307
- fix(auth): allow JWT override OAuth2 routing without global OAuth2 enablement by @milan-berri in #25252
- [Infra] Pin cosign.pub verification to initial commit hash by @yuneng-berri in #25273
- [Refactor] Align /v2/key/info response handling with v1 by @yuneng-berri in #25313
- Fix node-gyp symlink path after npm upgrade in Dockerfile by @joereyna in #25048
- [Infra] Bump version 1.83.4 → 1.83.5 by @yuneng-berri in #25316
- fix(mcp): block arbitrary command execution via stdio transport by @Sameerlite in #25343
- [Infra] Migrate Redis caching tests from GHA to CircleCI by @yuneng-berri in #25354
- [Feature] UI E2E Tests: Proxy Admin Team and Key Management by @yuneng-berri in #25365
- Add Ramp as a built-in success callback by @kedarthakkar in #23769
- fix(router): tag-based routing broken when encrypted_content_affinity is enabled by @Sameerlite in #25347
- feat(triton): add embedding usage estimation for self-hosted responses by @Sameerlite in #25345
- fix(router): pass custom_llm_provider to get_llm_provider for unprefixed model names by @Sameerlite in #25334
- Litellm oss staging 04 02 2026 p1 by @krrish-berri-2 in #25055
- feat(cost): add baseten model api pricing entries by @Sameerlite in #25358
- feat(proxy): add credential overrides per team/project via model_config metadata by @michelligabriele in #24438
- docs: add Docker Image Security Guide (cosign verification & deployment best practices) by @krrish-berri-2 in #25439
- fix(test): mock headers in test_completion_fine_tuned_model by @joereyna in #25444
- feat(mcp): add per-user OAuth token storage for interactive MCP flows by @csoni-cweave in #25441
- [Fix] UI: improve storage handling and Dockerfile consistency by @yuneng-berri in #25384
- fix(responses-ws): append ?model= to backend WebSocket URL by @joereyna in #25437
- fix(proxy): improve input validation on management endpoints by @jaydns in #25445
- fix(proxy): use parameterized query for combined_view token lookup by @jaydns in #25467
- [Docs] Add missing MCP per-user token env vars to config_settings by @yuneng-berri in #25471
- [Test] UI - Unit tests: raise global vitest timeout and remove per-test overrides by @yuneng-berri in #25468
- [Fix] Harden file path resolution in skill archive extraction by @yuneng-berri in #25475
- refactor: consolidate route auth for UI and API tokens by @ryan-crabbe-berri in #25473
- merge main by @Sameerlite in #25524
- [Fix] Responses WebSocket Duplicate Keyword Argument Error by @yuneng-berri in #25513
- fix(bedrock): avoid double-counting cache tokens in Anthropic Messages streaming usage by @Sameerlite in #25517
- [Fix] Align v1 guardrail and agent list responses with v2 field handling by @yuneng-berri in #25478
- bump: version 1.83.5 → 1.83.6 by @yuneng-berri in #25528
- [Fix] Flush Tremor Tooltip timers in user_edit_view tests by @yuneng-berri in #25480
- [Infra] Merge Dev Branch with Main by @yuneng-berri in #25526
- docs: document april townhall announcements by @krrish-berri-2 in #25537
- feat(anthropic): support advisor_20260301 tool type by @ishaan-berri in #25525
- fix: a2a create a2a client default 60 second timeout by @milan-berri in #25514
- fix(websearch_interception): ensure spend/cost logging runs when stream=True by @Sameerlite in #25424
- fix(responses): map refusal stop_reason to incomplete status in streaming by @Sameerlite in #25498
- feat(guardrails): optional skip system message in unified guardrail inputs by @Sameerlite in #25481
- feat(bedrock): skip dummy user continue for assistant prefix prefill by @Sameerlite in #25419
- feat(containers): Azure routing, managed container IDs, delete response parsing by @Sameerlite in #25287
- fix(logging): preserve proxy key-auth metadata on /v1/messages Langfuse traces by @michelligabriele in #25448
- Reduce default latency histogram bucket cardinality by @J-Byron in #25527
- fix(s3): add retry with exponential backoff for transient S3 503/500 errors by @jimmychen-p72 in #25530
- fix(proxy): preserve dict guardrail HTTPException.detail + bedrock context by @michelligabriele in #25558
- Add "Screenshots / Proof of Fix" section to PR template by @krrish-berri-2 in #25564
- fix(spend): session-TZ-independent date filtering for spend/error log queries by @ryan-crabbe-berri in #25542
- [Fix] Align Org and Team Endpoint Permission Checks by @yuneng-berri in #25554
- Litellm ishaan april10 by @ishaan-berri in #25545
- Add file content streaming support for OpenAI and related utilities by @harish876 in #25450
- [Infra] Merge dev with main by @yuneng-berri in #25568
- Litellm harish april11 by @ishaan-berri in #25569
- [Infra] Build UI for release by @yuneng-berri in #25571
- added applyguardrail to inline iam by @shivamrawat1 in #25241
- Team member permission /spend/logs for team-wide spend logs (UI + RBAC) by @shivamrawat1 in #25458
- [Infra] Rebuild UI by @yuneng-berri in...
Contributors
joereyna, kedarthakkar, and 14 other contributors
Assets 2
v1.83.9-nightly
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.9-nightlyVerify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.9-nightly/cosign.pub \
ghcr.io/berriai/litellm:v1.83.9-nightlyExpected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- fix: harden CORS credentials, create_views exception handling, and spend log cleanup loop by @shreyescodes in #25559
- fix(azure/passthrough): populate standard_logging_object via logging hook by @michelligabriele in #25679
- feat(mcp): expose per-server InitializeResult.instructions from gateway by @milan-berri in #25694
- fix(caching): add Responses API params to cache key allow-list by @michelligabriele in #25673
- feat(health-check): add BACKGROUND_HEALTH_CHECK_MAX_TOKENS env var by @Sameerlite in #25344
- feat(anthropic): retry /v1/messages after invalid thinking signature by @Sameerlite in #25674
- fix(ui): delete policy attachments via controlled modal by @Lucas-Song-Dev in #25324
- fix(proxy): enforce team membership in team-scoped key management checks by @milan-berri in #25686
- [Infra] Guard main to only accept PRs from staging and hotfix branches by @yuneng-berri in #25733
- [Infra] Merge main into litellm_internal_staging by @yuneng-berri in #25747
- fix(bedrock/anthropic): accurate cache token cost breakdown in UI and SpendLogs by @ishaan-berri in #25735
- build(ui): rebuild dashboard for cache token cost breakdown changes by @ishaan-berri in #25801
- refactor(ui): reduce Tremor usage in Guardrails Monitor layout by @ryan-crabbe-berri in #25803
- bedrock api response null type handling by @ishaan-berri in #25810
- bedrock api response null type handling by @kothamah in #24147
- [Infra] Expand CI branch filters for non-main PR targets by @yuneng-berri in #25819
- [Refactor] UI - Deleted Keys/Teams: Enterprise notice banner by @yuneng-berri in #25814
- security: prevent API key leaks in error tracebacks, logs, and alerts by @stuxf in #25117
- fix(guardrails): replace custom_code sandbox with RestrictedPython by @jaydns in #25818
- [Infra] Remove unused publish_proxy_extras and prisma_schema_sync jobs from CircleCI config by @yuneng-berri in #25821
- [Infra] Merge dev branch by @yuneng-berri in #25796
- fix: make PodLockManager.release_lock atomic compare-and-delete (re-land #21226) by @joereyna in #24466
- Optimize database query to prevent OOM errors during health checks by @harish876 in #25732
- fix(logging): preserve provider response headers in StandardLoggingPayload by @ishaan-berri in #25807
- Litellm ishaan april15 by @ishaan-berri in #25813
- Litellm ishaan april15 2 by @ishaan-berri in #25828
- docs(troubleshoot): cost discrepancy debugging guide by @Sameerlite in #25622
- Litellm ishaan april14 by @ishaan-berri in #25699
- fix(proxy): harden request parameter handling by @stuxf in #25827
- fix(proxy): add shared path utilities, prevent directory traversal by @stuxf in #25834
- fix(proxy): fix virtual key projected-spend soft budget alerts by @ryan-crabbe-berri in #25838
- fix(ui): render guardrail optional_params bool defaults in Select by @ryan-crabbe-berri in #25806
- fix(ui): use antd Select for MCP ToolTestPanel bool inputs by @ryan-crabbe-berri in #25809
- fix(ui): invalidate org queries after team mutations by @ryan-crabbe-berri in #25812
- litellm oss staging 04/15/2026 by @krrish-berri-2 in #25831
- Litellm day 0 opus 4.7 support by @Sameerlite in #25867
- [Infra] Merge dev branch by @yuneng-berri in #25871
- Fix version in docs by @Sameerlite in #25875
- [Infra] Bump llm_translation_testing resource class to xlarge by @yuneng-berri in #25887
- Litellm hotfix opus 4.7 by @Sameerlite in #25876
- [Infra] Reduce llm_translation_testing parallelism and tolerate worker restarts by @yuneng-berri in #25898
- Add docs announcement bar for Trivy compromise resolution by @krrish-berri-2 in #25870
- [Test] Remove dead Bedrock clear_thinking interleaved-thinking-beta assertion by @yuneng-berri in #25913
- [Test] Mock Bedrock Moonshot tests + [Fix] TogetherAIConfig recursion by @yuneng-berri in #25920
- bump: proxy extras version 0.4.65 → 0.4.66 by @yuneng-berri in #25873
- bump: version 1.83.8 → 1.83.9 by @yuneng-berri in #25872
- [Infra] Promote Internal Staging to main by @yuneng-berri in #25924
New Contributors
- @shreyescodes made their first contribution in #25559
- @Lucas-Song-Dev made their first contribution in #25324
Full Changelog: v1.83.8-nightly...v1.83.9-nightly
Contributors
joereyna, jaydns, and 12 other contributors
Assets 2
v1.83.8-nightly
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.8-nightlyVerify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.8-nightly/cosign.pub \
ghcr.io/berriai/litellm:v1.83.8-nightlyExpected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- fix(mcp): is_tool_name_prefixed validates against known server prefixes by @voidborne-d in #25085
- fix(s3_v2): use prepared URL for SigV4-signed S3 requests by @nehaaprasad in #25074
- fix(cache): Prevent 'multiple values' TypeError in get_cache_key by @hunterchris in #20261
- fix(presidio): use correct text positions in anonymize_text by @Dmitry-Kucher in #24998
- feat(prometheus): add 7m and 10m latency histogram buckets by @kulia26 in #25071
- fix(ui): resolve login redirect loop when reverse proxy adds HttpOnly to cookies by @jaxhend in #23532
- fix(proxy): set key_alias=user_id in JWT auth for Prometheus metrics by @michelligabriele in #25340
- fix(vertex_ai): normalize Gemini finish_reason enum through map_finis… by @abhyudayareddy in #25337
- fix: remove leading space from license public_key.pem by @milan-berri in #25339
- feat(dashscope): preserve cache_control for explicit prompt caching by @silencedoctor in #25331
- fix: expose reasoning effort fields in get_model_info + add together_ai/gpt-oss-120b by @avarga1 in #25263
- Add PromptGuard guardrail integration by @acebot712 in #24268
- Revert "fix(proxy): set key_alias=user_id in JWT auth for Prometheus metrics" by @krrish-berri-2 in #25438
- build: migrate packaging, CI, and Docker from Poetry to uv by @stuxf in #25007
- fix(security): bump vulnerable dependencies (22 of 25 dependabot alerts) by @stuxf in #25442
- blog: restyle docs.litellm.ai/blog to engineering blog aesthetic by @ishaan-berri in #25580
- blog: Ramp-style engineering blog restyle + Redis circuit breaker post by @ishaan-berri in #25583
- feat(advisor): advisor tool orchestration loop for non-Anthropic providers by @ishaan-berri in #25579
- Litellm dev 04 11 2026 p1 by @krrish-berri-2 in #25585
- blog: add back arrow to blog post pages by @ishaan-berri in #25587
- fix(proxy): cache invalidation double-hashes token in bulk update and key rotation by @dkindlund in #25552
- fix(proxy): model_max_budget silently broken for routed models by @dkindlund in #25549
- fix(embedding): omit null encoding_format for openai requests by @meutsabdahal in #25395
- fix(budget): align reset times for legacy entities (Team Members, End Users) with standardized calendar by @DmitriyAlergant in #25440
- feat(model):add wandb model offerings to include kimi-k2.5 and minimax-m2.5 by @csoni-cweave in #25409
- [Fix] Align field-level checks in user and key update endpoints by @yuneng-berri in #25541
- [Refactor] UI - Virtual Keys: migrate regenerate key modal to AntD by @yuneng-berri in #25406
- [Fix] tighten handling of environment references in request parameters by @yuneng-berri in #25592
- merge main by @Sameerlite in #25616
- Litellm oss staging 04 08 2026 by @krrish-berri-2 in #25397
- fix(auth): gate post-custom-auth DB lookups behind opt-in flag by @michelligabriele in #25634
- fix: blog dark mode - text invisible on dark background by @krrish-berri-2 in #25620
- [Fix] /spend/logs: align filter handling with user scoping by @yuneng-berri in #25594
- feat: add litellm.compress() — BM25-based prompt compression with retrieval tool by @krrish-berri-2 in #25637
- docs: week 2 checklist by @mubashir1osmani in #25452
- feat(guardrails): per-team opt-out for specific global guardrails by @ryan-crabbe-berri in #25575
- Litellm ishaan april11 by @ishaan-berri in #25586
- chore: remove deprecated tests/ui_e2e_tests/ suite by @ryan-crabbe-berri in #25657
- test(e2e): add edit team model TPM/RPM limits test by @ryan-crabbe-berri in #25658
- Litellm oss staging 04 09 2026 by @krrish-berri-2 in #25463
- [Feature] UI - Teams: Allow Editing Router Settings After Team Creation by @yuneng-berri in #25398
- [Infra] Merge dev branch with main by @yuneng-berri in #25647
- [Test] UI - Models: Add E2E tests for Add Model flow by @yuneng-berri in #25590
- Revert "fix(embedding): omit null encoding_format for openai requests" by @Sameerlite in #25698
- feat(bedrock): normalize custom tool JSON schema for Invoke and Converse by @Sameerlite in #25396
- feat(gemini): Veo Lite pricing, video resolution usage and tiered cost by @Sameerlite in #25348
- litellm_staging_04_04_2026 by @krrish-berri-2 in #25192
- Litellm oss staging 04 11 2026 by @krrish-berri-2 in #25589
- litellm oss staging 04/13/2026 by @krrish-berri-2 in #25665
- fix(cost-map): add us-south1 to vertex qwen3-235b-a22b-instruct-2507-maas by @ti3x in #25382
- feat: add litellm.compress() — BM25-based prompt compression with ret… by @krrish-berri-2 in #25650
- fix(ui): pre-select backend default for boolean guardrail provider fields by @ryan-crabbe-berri in #25700
- fix: isolate logs team filter dropdown from root teams state bleed by @ryan-crabbe-berri in #25716
- test(ui): add getCookie to cookieUtils mock in user_dashboard test by @ryan-crabbe-berri in #25719
- [Docs] Add release notes for v1.83.3-stable and v1.83.7.rc.1 by @yuneng-berri in #25723
- fix: default invite user modal global role to least-privilege by @ryan-crabbe-berri in #25721
- [Docs] Regenerate v1.83.3-stable release notes from previous stable by @yuneng-berri in #25726
- [Refactor] Remove Chat UI link from Swagger docs message by @yuneng-berri in #25727
- [Fix] Test - Together AI: replace deprecated Mixtral with serverless Qwen3.5-9B by @yuneng-berri in #25728
- fallbacks image by @shivamrawat1 in #25731
- [Test] Replace flaky bedrock gpt-oss tool-call live test with request-body mock by @yuneng-berri in #25739
- docs update by @shivamrawat1 in #25736
- fix: remove non-existent litellm_mcps_tests_coverage from coverage combine by @joereyna in #25737
- fix(ci): increase test-server-root-path timeout to 30m by @joereyna in #25741
- bump: version 1.83.7 → 1.83.8 by @yuneng-berri in #25730
New Contributors
- @hunterchris made their first contribution in #20261
- @Dmitry-Kucher made their first contribution in #24998
- @kulia26 made their first contribution in #25071
- @jaxhend made their first contribution in #23532
- @abhyudayareddy made their first contribution in #25337
- @avarga1 made their first contribution in https://...
Contributors
dkindlund, Dmitry-Kucher, and 24 other contributors
Assets 2
v1.83.7.rc.1
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.7.rc.1Verify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.7.rc.1/cosign.pub \
ghcr.io/berriai/litellm:v1.83.7.rc.1Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
⚠️ Breaking Changes
Prometheus default latency histogram buckets reduced (#25527)
The default LATENCY_BUCKETS has been reduced from 35 to 18 boundaries. If you have existing Prometheus dashboards or PromQL SLO queries that reference specific le values (e.g. le="1.5", le="9.5"), those series will no longer exist after upgrading. Review and update any affected queries or dashboard panels.
What's Changed
- Fix node-gyp symlink path after npm upgrade in Dockerfile by @joereyna in #25048
- [Test] UI - E2E: Add Playwright tests with local PostgreSQL by @yuneng-berri in #25126
- feat: add POST /team/permissions_bulk_update endpoint by @ryan-crabbe-berri in #25239
- added applyguardrail to inline iam by @shivamrawat1 in #25241
- [Infra] Pin cosign.pub verification to initial commit hash by @yuneng-berri in #25273
- feat(containers): Azure routing, managed container IDs, delete response parsing by @Sameerlite in #25287
- [Fix] Update check_responses_cost tests for _expire_stale_rows by @yuneng-berri in #25299
- [Fix] Dockerfile.non_root: handle missing .npmrc gracefully by @yuneng-berri in #25307
- [Refactor] Align /v2/key/info response handling with v1 by @yuneng-berri in #25313
- [Infra] Bump version 1.83.4 → 1.83.5 by @yuneng-berri in #25316
- fix(mcp): block arbitrary command execution via stdio transport by @Sameerlite in #25343
- [Infra] Migrate Redis caching tests from GHA to CircleCI by @yuneng-berri in #25354
- [Feature] UI E2E Tests: Proxy Admin Team and Key Management by @yuneng-berri in #25365
- [Fix] UI: improve storage handling and Dockerfile consistency by @yuneng-berri in #25384
- feat(bedrock): skip dummy user continue for assistant prefix prefill by @Sameerlite in #25419
- fix(websearch_interception): ensure spend/cost logging runs when stream=True by @Sameerlite in #25424
- fix(responses-ws): append ?model= to backend WebSocket URL by @joereyna in #25437
- feat(mcp): add per-user OAuth token storage for interactive MCP flows by @csoni-cweave in #25441
- fix(test): mock headers in test_completion_fine_tuned_model by @joereyna in #25444
- fix(proxy): improve input validation on management endpoints by @jaydns in #25445
- fix(logging): preserve proxy key-auth metadata on /v1/messages Langfuse traces by @michelligabriele in #25448
- Add file content streaming support for OpenAI and related utilities by @harish876 in #25450
- Team member permission /spend/logs for team-wide spend logs (UI + RBAC) by @shivamrawat1 in #25458
- fix(proxy): pass-through multipart uploads and Bedrock JSON body by @shivamrawat1 in #25464
- fix(proxy): use parameterized query for combined_view token lookup by @jaydns in #25467
- [Test] UI - Unit tests: raise global vitest timeout and remove per-test overrides by @yuneng-berri in #25468
- [Docs] Add missing MCP per-user token env vars to config_settings by @yuneng-berri in #25471
- refactor: consolidate route auth for UI and API tokens by @ryan-crabbe-berri in #25473
- [Fix] Harden file path resolution in skill archive extraction by @yuneng-berri in #25475
- [Fix] Align v1 guardrail and agent list responses with v2 field handling by @yuneng-berri in #25478
- [Fix] Flush Tremor Tooltip timers in user_edit_view tests by @yuneng-berri in #25480
- feat(guardrails): optional skip system message in unified guardrail inputs by @Sameerlite in #25481
- fix(responses): map refusal stop_reason to incomplete status in streaming by @Sameerlite in #25498
- [Fix] Responses WebSocket Duplicate Keyword Argument Error by @yuneng-berri in #25513
- fix: a2a create a2a client default 60 second timeout by @milan-berri in #25514
- fix(bedrock): avoid double-counting cache tokens in Anthropic Messages streaming usage by @Sameerlite in #25517
- merge main by @Sameerlite in #25524
- feat(anthropic): support advisor_20260301 tool type by @ishaan-berri in #25525
- [Infra] Merge Dev Branch with Main by @yuneng-berri in #25526
- Reduce default latency histogram bucket cardinality by @J-Byron in #25527
- bump: version 1.83.5 → 1.83.6 by @yuneng-berri in #25528
- fix(s3): add retry with exponential backoff for transient S3 503/500 errors by @jimmychen-p72 in #25530
- docs: document april townhall announcements by @krrish-berri-2 in #25537
- fix(spend): session-TZ-independent date filtering for spend/error log queries by @ryan-crabbe-berri in #25542
- Litellm ishaan april10 by @ishaan-berri in #25545
- [Fix] Align Org and Team Endpoint Permission Checks by @yuneng-berri in #25554
- fix(proxy): preserve dict guardrail HTTPException.detail + bedrock context by @michelligabriele in #25558
- Litellm internal staging 04 11 2026 by @krrish-berri-2 in #25562
- Add "Screenshots / Proof of Fix" section to PR template by @krrish-berri-2 in #25564
- [Infra] Merge dev with main by @yuneng-berri in #25568
- Litellm harish april11 by @ishaan-berri in #25569
- [Infra] Build UI for release by @yuneng-berri in #25571
- [Infra] Rebuild UI by @yuneng-berri in #25573
- [Infra] Rebuild UI by @yuneng-berri in #25577
- bump: version 1.83.6 → 1.83.7 by @yuneng-berri in #25578
New Contributors
- @csoni-cweave made their first contribution in #25441
- @jimmychen-p72 made their first contribution in #25530
Full Changelog: v1.83.3.rc.1...v1.83.7.rc.1
Contributors
joereyna, jaydns, and 12 other contributors
Assets 2
v1.83.6-nightly
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.6-nightlyVerify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.6-nightly/cosign.pub \
ghcr.io/berriai/litellm:v1.83.6-nightlyExpected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- Litellm docs 1 83 3 by @ishaan-berri in #25166
- [Nit] Small docs fix, fixing img + folder name by @ishaan-berri in #25171
- docs: week 1 checklist by @mubashir1osmani in #25083
- [Docs] Add cosign Docker image verification steps to security blog posts by @yuneng-berri in #25122
- [Infra] Remove flaky proxy_e2e_azure_batches_tests CI workflow by @yuneng-berri in #25247
- [Docs] Enforce Black Formatting in Contributor Docs by @yuneng-berri in #25135
- [Infra] Remove Redundant Matrix Unit Test Workflow by @yuneng-berri in #25251
- feat: add POST /team/permissions_bulk_update endpoint by @ryan-crabbe-berri in #25239
- fix: batch-limit stale managed object cleanup to prevent 300K row UPD… by @ishaan-berri in #25258
- bump litellm-enterprise to 0.1.37 by @ishaan-berri in #25265
- bump litellm version to 1.83.4 by @ishaan-berri in #25266
- Litellm aws gov cloud mode support by @shivamrawat1 in #25254
- [Fix] Update check_responses_cost tests for _expire_stale_rows by @yuneng-berri in #25299
- [Test] UI - E2E: Add Playwright tests with local PostgreSQL by @yuneng-berri in #25126
- [Fix] Dockerfile.non_root: handle missing .npmrc gracefully by @yuneng-berri in #25307
- fix(auth): allow JWT override OAuth2 routing without global OAuth2 enablement by @milan-berri in #25252
- [Infra] Pin cosign.pub verification to initial commit hash by @yuneng-berri in #25273
- [Refactor] Align /v2/key/info response handling with v1 by @yuneng-berri in #25313
- Fix node-gyp symlink path after npm upgrade in Dockerfile by @joereyna in #25048
- [Infra] Bump version 1.83.4 → 1.83.5 by @yuneng-berri in #25316
- fix(mcp): block arbitrary command execution via stdio transport by @Sameerlite in #25343
- [Infra] Migrate Redis caching tests from GHA to CircleCI by @yuneng-berri in #25354
- [Feature] UI E2E Tests: Proxy Admin Team and Key Management by @yuneng-berri in #25365
- Add Ramp as a built-in success callback by @kedarthakkar in #23769
- fix(router): tag-based routing broken when encrypted_content_affinity is enabled by @Sameerlite in #25347
- feat(triton): add embedding usage estimation for self-hosted responses by @Sameerlite in #25345
- fix(router): pass custom_llm_provider to get_llm_provider for unprefixed model names by @Sameerlite in #25334
- Litellm oss staging 04 02 2026 p1 by @krrish-berri-2 in #25055
- feat(cost): add baseten model api pricing entries by @Sameerlite in #25358
- feat(proxy): add credential overrides per team/project via model_config metadata by @michelligabriele in #24438
- docs: add Docker Image Security Guide (cosign verification & deployment best practices) by @krrish-berri-2 in #25439
- fix(test): mock headers in test_completion_fine_tuned_model by @joereyna in #25444
- feat(mcp): add per-user OAuth token storage for interactive MCP flows by @csoni-cweave in #25441
- [Fix] UI: improve storage handling and Dockerfile consistency by @yuneng-berri in #25384
- fix(responses-ws): append ?model= to backend WebSocket URL by @joereyna in #25437
- [Docs] Add missing MCP per-user token env vars to config_settings by @yuneng-berri in #25471
- [Test] UI - Unit tests: raise global vitest timeout and remove per-test overrides by @yuneng-berri in #25468
- refactor: consolidate route auth for UI and API tokens by @ryan-crabbe-berri in #25473
- [Fix] Responses WebSocket Duplicate Keyword Argument Error by @yuneng-berri in #25513
- fix(bedrock): avoid double-counting cache tokens in Anthropic Messages streaming usage by @Sameerlite in #25517
- bump: version 1.83.5 → 1.83.6 by @yuneng-berri in #25528
New Contributors
- @kedarthakkar made their first contribution in #23769
- @csoni-cweave made their first contribution in #25441
Full Changelog: v1.83.3.rc.1...v1.83.6-nightly
Contributors
joereyna, kedarthakkar, and 10 other contributors
Assets 2
v1.82.3.dev.9
10e9a55
This commit was signed with the committer’s verified signature.
yuneng-berri
yuneng-jiang
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.82.3.dev.9Verify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.82.3.dev.9/cosign.pub \
ghcr.io/berriai/litellm:v1.82.3.dev.9Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
Full Changelog: v1.82.3.dev.6...v1.82.3.dev.9
v1.82.3-stable.patch.4
1e10e5c
This commit was signed with the committer’s verified signature.
yuneng-berri
yuneng-jiang
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.82.3-stable.patch.4Verify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.82.3-stable.patch.4/cosign.pub \
ghcr.io/berriai/litellm:v1.82.3-stable.patch.4Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
Full Changelog: v1.82.3-stable.patch.2...v1.82.3-stable.patch.4
v1.83.5-nightly
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.5-nightlyVerify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.5-nightly/cosign.pub \
ghcr.io/berriai/litellm:v1.83.5-nightlyExpected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- docs(blog): add security hardening April 2026 post (#25101) by @ishaan-berri in #25102
- Litellm ishaan april1 try2 by @ishaan-berri in #25110
- bump: version 1.83.1 → 1.83.2 by @ishaan-berri in #25112
- fix(ui): wire team_id filter to key alias dropdown on Virtual Keys tab by @ryan-crabbe-berri in #25114
- fix(ui): add paginated team search to usage page filter by @ryan-crabbe-berri in #25107
- fix(ui): allow changing team organization from team settings by @ryan-crabbe-berri in #25095
- docs: document default_team_params in config reference by @ryan-crabbe-berri in #25032
- feat(teams): resolve access group resources in team endpoints by @ryan-crabbe-berri in #25027
- bump litellm-proxy-extras to 0.4.64 by @ishaan-berri in #25121
- feat(proxy): add project-level guardrails support by @michelligabriele in #25087
- fix(a2a): preserve JSON-RPC envelope for AgentCore A2A-native agents by @michelligabriele in #25092
- feat(ui): add guardrails support to project create/edit forms by @michelligabriele in #25100
- Fix broken codeql-action SHA in scorecard workflow by @joereyna in #24815
- litellm ryan march 31 by @ryan-crabbe-berri in #25119
- [Infra] Building UI for Release by @yuneng-berri in #25136
- fix(ui): don't inject vector_store_ids: [] when editing a model by @ryan-crabbe-berri in #25133
- Litellm ishaan april2 by @ishaan-berri in #25113
- fix(docker): load enterprise hooks in non-root runtime image by @Sameerlite in #24917
- Litellm ishaan march30 (#24887) by @ishaan-berri in #25151
- [Fix] Team Model Update 500 Due to Unsupported Prisma JSON Path Filter by @yuneng-berri in #25152
- Litellm team model group name routing fix (#25148) by @ishaan-berri in #25154
- Litellm ishaan april4 2 by @ishaan-berri in #25150
- feat(ui): expose Azure Entra ID credential fields in provider form by @ryan-crabbe-berri in #25137
- feat(ui): add per-model rate limits to team edit/info views by @ryan-crabbe-berri in #25144
- fix(ui): use entity key for usage export display by @ryan-crabbe-berri in #25153
- Litellm ishaan march23 - MCP Toolsets + GCP Caching fix (#25146) by @ishaan-berri in #25155
- cherry-pick: tag query fix + MCP metadata support by @ishaan-berri in #25145
- feat: allow adding team guardrails from the UI by @ryan-crabbe-berri in #25038
- Litellm ryan apr 4 by @ryan-crabbe-berri in #25156
- [Infra] Rebuild UI for Release by @yuneng-berri in #25158
- bump: version 1.83.2 → 1.83.3 by @yuneng-berri in #25162
- bump litellm-proxy-extras to 0.4.65 by @ishaan-berri in #25163
- bump litellm-enterprise to 0.1.36 by @ishaan-berri in #25164
- fix: regenerate poetry.lock by @ishaan-berri in #25169
- Litellm docs 1 83 3 by @ishaan-berri in #25166
- [Nit] Small docs fix, fixing img + folder name by @ishaan-berri in #25171
- docs: week 1 checklist by @mubashir1osmani in #25083
- [Docs] Add cosign Docker image verification steps to security blog posts by @yuneng-berri in #25122
- [Infra] Remove flaky proxy_e2e_azure_batches_tests CI workflow by @yuneng-berri in #25247
- [Docs] Enforce Black Formatting in Contributor Docs by @yuneng-berri in #25135
- [Infra] Remove Redundant Matrix Unit Test Workflow by @yuneng-berri in #25251
- feat: add POST /team/permissions_bulk_update endpoint by @ryan-crabbe-berri in #25239
- fix: batch-limit stale managed object cleanup to prevent 300K row UPD… by @ishaan-berri in #25258
- bump litellm-enterprise to 0.1.37 by @ishaan-berri in #25265
- bump litellm version to 1.83.4 by @ishaan-berri in #25266
- Litellm aws gov cloud mode support by @shivamrawat1 in #25254
- [Fix] Update check_responses_cost tests for _expire_stale_rows by @yuneng-berri in #25299
- [Test] UI - E2E: Add Playwright tests with local PostgreSQL by @yuneng-berri in #25126
- [Fix] Dockerfile.non_root: handle missing .npmrc gracefully by @yuneng-berri in #25307
- fix(auth): allow JWT override OAuth2 routing without global OAuth2 enablement by @milan-berri in #25252
- [Infra] Pin cosign.pub verification to initial commit hash by @yuneng-berri in #25273
- [Refactor] Align /v2/key/info response handling with v1 by @yuneng-berri in #25313
- Fix node-gyp symlink path after npm upgrade in Dockerfile by @joereyna in #25048
- [Infra] Bump version 1.83.4 → 1.83.5 by @yuneng-berri in #25316
Full Changelog: v1.83.1-nightly...v1.83.5-nightly
Contributors
joereyna, mubashir1osmani, and 7 other contributors
Assets 2
v1.83.3.rc.1
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.3.rc.1Verify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.3.rc.1/cosign.pub \
ghcr.io/berriai/litellm:v1.83.3.rc.1Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- fix(ui): wire team_id filter to key alias dropdown on Virtual Keys tab by @ryan-crabbe-berri in #25114
- fix(ui): add paginated team search to usage page filter by @ryan-crabbe-berri in #25107
- fix(ui): allow changing team organization from team settings by @ryan-crabbe-berri in #25095
- docs: document default_team_params in config reference by @ryan-crabbe-berri in #25032
- feat(teams): resolve access group resources in team endpoints by @ryan-crabbe-berri in #25027
- feat(proxy): add project-level guardrails support by @michelligabriele in #25087
- fix(a2a): preserve JSON-RPC envelope for AgentCore A2A-native agents by @michelligabriele in #25092
- feat(ui): add guardrails support to project create/edit forms by @michelligabriele in #25100
- Fix broken codeql-action SHA in scorecard workflow by @joereyna in #24815
- litellm ryan march 31 by @ryan-crabbe-berri in #25119
- [Infra] Building UI for Release by @yuneng-berri in #25136
- fix(ui): don't inject vector_store_ids: [] when editing a model by @ryan-crabbe-berri in #25133
- Litellm ishaan april2 by @ishaan-berri in #25113
- fix(docker): load enterprise hooks in non-root runtime image by @Sameerlite in #24917
- Litellm ishaan march30 (#24887) by @ishaan-berri in #25151
- [Fix] Team Model Update 500 Due to Unsupported Prisma JSON Path Filter by @yuneng-berri in #25152
- Litellm team model group name routing fix (#25148) by @ishaan-berri in #25154
- Litellm ishaan april4 2 by @ishaan-berri in #25150
- feat(ui): expose Azure Entra ID credential fields in provider form by @ryan-crabbe-berri in #25137
- feat(ui): add per-model rate limits to team edit/info views by @ryan-crabbe-berri in #25144
- fix(ui): use entity key for usage export display by @ryan-crabbe-berri in #25153
- Litellm ishaan march23 - MCP Toolsets + GCP Caching fix (#25146) by @ishaan-berri in #25155
- cherry-pick: tag query fix + MCP metadata support by @ishaan-berri in #25145
- feat: allow adding team guardrails from the UI by @ryan-crabbe-berri in #25038
- Litellm ryan apr 4 by @ryan-crabbe-berri in #25156
- [Infra] Rebuild UI for Release by @yuneng-berri in #25158
- bump: version 1.83.2 → 1.83.3 by @yuneng-berri in #25162
- bump litellm-proxy-extras to 0.4.65 by @ishaan-berri in #25163
- bump litellm-enterprise to 0.1.36 by @ishaan-berri in #25164
- fix: regenerate poetry.lock by @ishaan-berri in #25169
Full Changelog: v1.83.2-nightly...v1.83.3.rc.1
Contributors
joereyna, ishaan-berri, and 4 other contributors