Releases: BerriAI/litellm
v1.83.5-nightly
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.83.5-nightlyVerify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.5-nightly/cosign.pub \
ghcr.io/berriai/litellm:v1.83.5-nightlyExpected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- docs(blog): add security hardening April 2026 post (#25101) by @ishaan-berri in #25102
- Litellm ishaan april1 try2 by @ishaan-berri in #25110
- bump: version 1.83.1 → 1.83.2 by @ishaan-berri in #25112
- fix(ui): wire team_id filter to key alias dropdown on Virtual Keys tab by @ryan-crabbe-berri in #25114
- fix(ui): add paginated team search to usage page filter by @ryan-crabbe-berri in #25107
- fix(ui): allow changing team organization from team settings by @ryan-crabbe-berri in #25095
- docs: document default_team_params in config reference by @ryan-crabbe-berri in #25032
- feat(teams): resolve access group resources in team endpoints by @ryan-crabbe-berri in #25027
- bump litellm-proxy-extras to 0.4.64 by @ishaan-berri in #25121
- feat(proxy): add project-level guardrails support by @michelligabriele in #25087
- fix(a2a): preserve JSON-RPC envelope for AgentCore A2A-native agents by @michelligabriele in #25092
- feat(ui): add guardrails support to project create/edit forms by @michelligabriele in #25100
- Fix broken codeql-action SHA in scorecard workflow by @joereyna in #24815
- litellm ryan march 31 by @ryan-crabbe-berri in #25119
- [Infra] Building UI for Release by @yuneng-berri in #25136
- fix(ui): don't inject vector_store_ids: [] when editing a model by @ryan-crabbe-berri in #25133
- Litellm ishaan april2 by @ishaan-berri in #25113
- fix(docker): load enterprise hooks in non-root runtime image by @Sameerlite in #24917
- Litellm ishaan march30 (#24887) by @ishaan-berri in #25151
- [Fix] Team Model Update 500 Due to Unsupported Prisma JSON Path Filter by @yuneng-berri in #25152
- Litellm team model group name routing fix (#25148) by @ishaan-berri in #25154
- Litellm ishaan april4 2 by @ishaan-berri in #25150
- feat(ui): expose Azure Entra ID credential fields in provider form by @ryan-crabbe-berri in #25137
- feat(ui): add per-model rate limits to team edit/info views by @ryan-crabbe-berri in #25144
- fix(ui): use entity key for usage export display by @ryan-crabbe-berri in #25153
- Litellm ishaan march23 - MCP Toolsets + GCP Caching fix (#25146) by @ishaan-berri in #25155
- cherry-pick: tag query fix + MCP metadata support by @ishaan-berri in #25145
- feat: allow adding team guardrails from the UI by @ryan-crabbe-berri in #25038
- Litellm ryan apr 4 by @ryan-crabbe-berri in #25156
- [Infra] Rebuild UI for Release by @yuneng-berri in #25158
- bump: version 1.83.2 → 1.83.3 by @yuneng-berri in #25162
- bump litellm-proxy-extras to 0.4.65 by @ishaan-berri in #25163
- bump litellm-enterprise to 0.1.36 by @ishaan-berri in #25164
- fix: regenerate poetry.lock by @ishaan-berri in #25169
- Litellm docs 1 83 3 by @ishaan-berri in #25166
- [Nit] Small docs fix, fixing img + folder name by @ishaan-berri in #25171
- docs: week 1 checklist by @mubashir1osmani in #25083
- [Docs] Add cosign Docker image verification steps to security blog posts by @yuneng-berri in #25122
- [Infra] Remove flaky proxy_e2e_azure_batches_tests CI workflow by @yuneng-berri in #25247
- [Docs] Enforce Black Formatting in Contributor Docs by @yuneng-berri in #25135
- [Infra] Remove Redundant Matrix Unit Test Workflow by @yuneng-berri in #25251
- feat: add POST /team/permissions_bulk_update endpoint by @ryan-crabbe-berri in #25239
- fix: batch-limit stale managed object cleanup to prevent 300K row UPD… by @ishaan-berri in #25258
- bump litellm-enterprise to 0.1.37 by @ishaan-berri in #25265
- bump litellm version to 1.83.4 by @ishaan-berri in #25266
- Litellm aws gov cloud mode support by @shivamrawat1 in #25254
- [Fix] Update check_responses_cost tests for _expire_stale_rows by @yuneng-berri in #25299
- [Test] UI - E2E: Add Playwright tests with local PostgreSQL by @yuneng-berri in #25126
- [Fix] Dockerfile.non_root: handle missing .npmrc gracefully by @yuneng-berri in #25307
- fix(auth): allow JWT override OAuth2 routing without global OAuth2 enablement by @milan-berri in #25252
- [Infra] Pin cosign.pub verification to initial commit hash by @yuneng-berri in #25273
- [Refactor] Align /v2/key/info response handling with v1 by @yuneng-berri in #25313
- Fix node-gyp symlink path after npm upgrade in Dockerfile by @joereyna in #25048
- [Infra] Bump version 1.83.4 → 1.83.5 by @yuneng-berri in #25316
Full Changelog: v1.83.1-nightly...v1.83.5-nightly
v1.82.3.dev.7
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. To verify the integrity of an image before deploying:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.82.3.dev.7/cosign.pub \
ghcr.io/berriai/litellm:v1.82.3.dev.7Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
Full Changelog: v1.82.3.dev.5...v1.82.3.dev.7
v1.82.3.dev.6
Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. To verify the integrity of an image before deploying:
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.82.3.dev.6/cosign.pub \
ghcr.io/berriai/litellm:v1.82.3.dev.6Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
Full Changelog: v1.82.3.dev.5...v1.82.3.dev.6
v1.83.1-nightly
This release was from the LiteLLM team. We are testing out a new signing process and it is safe to use.
This was a test release from us and co sign verify will not work for this release as we are testing a new cosign workflow from us.
v1.83.0-nightly
Verifying the Docker Image
cosign verify --insecure-ignore-tlog=true --key https://raw.githubusercontent.com/BerriAI/litellm/main/cosign.pub \
ghcr.io/berriai/litellm:v1.83.0-nightly
Output:
Verification for ghcr.io/berriai/litellm:v1.83.0-nightly --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- ci: skip scheduled workflows on forks by @DmitriyAlergant in #24460
- fix(proxy): ignore return_to in SSO when control_plane_url is not con… by @ryan-crabbe in #24475
- Correct documentation of completion_model by @benlangfeld in #24413
- chore: migrate route_preview.tsx from Tremor to Ant Design by @ryan-crabbe in #24485
- docs: add audit log export to S3 documentation by @ryan-crabbe in #24486
- fix(security_scans.sh): pin trivvy version by @krrish-berri-2 in #24525
- docs: add security update blog post for March 2026 supply chain incident by @ryan-crabbe-berri in #24537
- docs: minor updates to security update blog post by @ishaan-berri in #24540
- ci: remove publish-migrations and reset_stable workflows by @ishaan-berri in #24541
- security: remove .claude/settings.json and block re-adding via semgrep by @ishaan-berri in #24584
- docs: remove phone numbers from readme and docs by @ishaan-berri in #24587
- Litellm ryan march 23 by @ryan-crabbe in #24490
- [Infra] Pins GitHub Action workflows to specific hashes by @yuneng-berri in #24594
- docs(opencode): add guidance for dropping reasoningSummary param by @Sameerlite in #24468
- [Infra] Pin GHA dependencies and remove unused load test files by @yuneng-berri in #24607
- Update README.md by @ishaan-berri in #24649
- [Infra] Migrate PyPI Publishing from CircleCI to GitHub Actions OIDC by @yuneng-berri in #24654
- Add zizmor to ci/cd by @krrish-berri-2 in #24663
- feat(prometheus): add metrics for managed batch lifecycle by @Sameerlite in #24691
- feat(openai): round-trip Responses API reasoning_items in chat completions by @Sameerlite in #24690
- feat(fine-tuning): fix Azure OpenAI fine-tuning job creation by @Sameerlite in #24687
- feat(gemini): add gemini-3.1-flash-live-preview to model cost map by @Sameerlite in #24665
- feat(gemini): normalize AI Studio file retrieve URL by @Sameerlite in #24662
- fix(anthropic): strip undocumented keys from metadata before sending to API by @Sameerlite in #24661
- Litellm security townhall blog by @krrish-berri-2 in #24692
- fix(proxy): sanitize user_id input and block dangerous env var keys by @Sameerlite in #24624
- feat(gemini): Lyria 3 preview models in cost map and docs by @Sameerlite in #24610
- fix(openrouter): strip routing prefix for wildcard proxy deployments by @Sameerlite in #24603
- fix(pricing): remove above_200k_tokens price tiers for claude-opus-4-6 and claude-sonnet-4-6 by @Sameerlite in #24689
- fix(team-routing): preserve sibling deployment candidates for team public models by @Sameerlite in #24688
- [Fix] Pin Prisma Node.js dependency in CI workflows by @yuneng-berri in #24696
- [Infra] Improve CodeQL scanning coverage and schedule by @yuneng-berri in #24697
- fix(proxy): enforce budget limits across multi-pod deployments via Redis-backed spend counters by @michelligabriele in #24682
- [Infra] Automated schema.prisma sync and drift detection by @yuneng-berri in #24705
- fix: add /user/bulk_update to management routes by @ryan-crabbe-berri in #24708
- fix(sso): pass decoded JWT access token to role mapping during SSO login by @ryan-crabbe-berri in #24701
- fix(auth): guard JWTHandler.is_jwt() against None token by @ryan-crabbe-berri in #24706
- fix(ui): refactor budget page to React Query hooks and fix crashes by @ryan-crabbe-berri in #24711
- fix(jwt): invalidate user cache after role/team sync updates by @ryan-crabbe-berri in #24717
- litellm ryan march 26 by @ryan-crabbe-berri in #24718
- [Infra] Isolate unit test workflows with hardened security posture by @yuneng-berri in #24740
- [Fix] Test Isolation and Path Resolution for GHA Unit Tests by @yuneng-berri in #24741
- [Infra] Add unit test workflows for Postgres, Redis, and security suites by @yuneng-berri in #24742
- Feat/prometheus org budget metrics by @J-Byron in #24449
- Bedrock: move native structured output model list to cost JSON, add Sonnet 4.6 by @ndgigliotti in #23794
- [Infra] Remove CircleCI jobs now covered by GitHub Actions by @yuneng-berri in #24754
- Litellm test cleanup by @krrish-berri-2 in #24755
- [Fix] Remove NLP_CLOUD_API_KEY requirement from test_exceptions by @yuneng-berri in #24756
- Litellm vanta announcement by @krrish-berri-2 in #24800
- adopt OpenSSF Scorecard (https://scorecard.dev/) by @krrish-berri-2 in #24792
- [Test] Mock DeepInfra completion tests to avoid real API calls by @yuneng-berri in #24805
- [Refactor] Extract helper methods in guardrail handlers to fix PLR0915 by @yuneng-berri in #24802
- [Fix] Mypy Type Errors in Responses Transformation, Spend Tracking, and PagerDuty by @yuneng-berri in #24803
- [Fix] Update gemini-2.0-flash to gemini-2.5-flash in test_gemini by @yuneng-berri in #24817
- [Fix] Router code coverage CI failure for health check filter tests by @yuneng-berri in #24812
- [Fix] WatsonX Tests Failing on CI Due to Missing Env Vars by @yuneng-berri in #24814
- [Fix] Correct kwarg name in test_user_api_key_auth tests by @yuneng-berri in #24820
- fix(responses): emit content_part.added event for non-OpenAI models by @nielei3 in #24445
- Fix returned model when batch completions is used - return picked model, not comma-separated list by @krrish-berri-2 in #24753
- [Test] Move Snowflake Mocked Tests to Unit Test Directory by @yuneng-berri in #24822
- [Fix] Use correct Redis env vars and fix Azure AD token test mocking by @yuneng-berri in #24824
- chore: fixes by @jaydns in #24823
- test: use dynamic db by @krrish-berri-2 in #24827
- [Fix] Failure callbacks silently skipped when customLogger not initialized by @yuneng-berri in #24826
- bump: litellm-proxy-extras 0.4.61 → 0.4.62 for schema changes by @krrish-berri-2 in #24828
- [Security] - Pin
axios=1.13.6by @ishaan-berri in #24829 - [Test] Move test_add_and_delete_model to Mock Test by @yuneng-berri in #24837
- [Infra] Bump Version to 1.83.0 by @yuneng-berri in #24840
New Contributors
- @benlangfeld made their first contribution in #24413
- @J-Byron made their first contribution in #24449
- @jaydns made their first contribution in #24823
Full Changelog: v1.82.6.dev2...v1.83.0-nightly
v1.82.6.rc.2
Full Changelog: v1.82.6.dev1...v1.82.6.rc.2
v1.82.6.dev2
What's Changed
- fix(proxy): post-call guardrail response not captured for logging by @michelligabriele in #23910
- feat(prometheus): include spend_logs_metadata in custom labels by @krrishdholakia in #24434
- feat(proxy): add project_alias tracking in callbacks by @krrishdholakia in #24432
Full Changelog: v1.82.5.dev.1...v1.82.6.dev2
v1.82.3-stable.patch.2
What's Changed
- fix: don't close HTTP/SDK clients on LLMClientCache eviction by @ishaan-jaff in #22926
- [Feature] UI - Keys: Add Organization Dropdown to Create/Edit Key by @yuneng-jiang in #23595
- [Test] UI - Add Unit Tests for 5 Untested Components by @yuneng-jiang in #23607
- [Feature] UI - Internal Users: Add/Remove Team Membership by @yuneng-jiang in #23638
- [Feature] UI - Default Team Settings: Modernize page and fix defaults application by @yuneng-jiang in #23614
- [Fix] Tag list endpoint 500 from invalid Prisma group_by kwargs by @yuneng-jiang in #23606
- [Feature] UI - Usage: Auto-paginate daily spend data by @yuneng-jiang in #23622
- [Infra] Merge internal dev 3/13 with main by @yuneng-jiang in #23658
- feat: add sagemaker_nova provider for Amazon Nova models on SageMaker by @ryanh-ai in #21542
- [Fix] Team Admin 403 on /user/filter/ui With Org Scope Flag by @yuneng-jiang in #23671
- fix: redact secrets from proxy log output by @ryan-crabbe in #23668
- fix: prisma migrate deploy failures on pre-existing instances by @krrishdholakia in #23655
- [Fix] Hanging CI Tests in custom_httpx test_http_handler by @yuneng-jiang in #23674
- Add CodSpeed continuous performance benchmarks by @codspeed-hq[bot] in #23676
- [Infra] Merge internal dev with main by @yuneng-jiang in #23654
- Litellm fix redaction filter logging v2 by @ryan-crabbe in #23667
- [Fix] Bump PyJWT to ^2.12.0 for Security by @yuneng-jiang in #23678
- Root cause fix - migrate all logging update to use 1 function - for centralized kwarg updates by @krrishdholakia in #23659
- fix: make db migration failure exit opt-in via --enforce_prisma_migration_check by @krrishdholakia in #23675
- [Infra] Optimize CI Pipeline by @yuneng-jiang in #23721
New Contributors
- @codspeed-hq[bot] made their first contribution in #23676
Full Changelog: v1.82.0.patch5...v1.82.3-stable.patch.2
v1.82.3-stable.patch.1
What's Changed
- fix: don't close HTTP/SDK clients on LLMClientCache eviction by @ishaan-jaff in #22926
- [Feature] UI - Keys: Add Organization Dropdown to Create/Edit Key by @yuneng-jiang in #23595
- [Test] UI - Add Unit Tests for 5 Untested Components by @yuneng-jiang in #23607
- [Feature] UI - Internal Users: Add/Remove Team Membership by @yuneng-jiang in #23638
- [Feature] UI - Default Team Settings: Modernize page and fix defaults application by @yuneng-jiang in #23614
- [Fix] Tag list endpoint 500 from invalid Prisma group_by kwargs by @yuneng-jiang in #23606
- [Feature] UI - Usage: Auto-paginate daily spend data by @yuneng-jiang in #23622
- [Infra] Merge internal dev 3/13 with main by @yuneng-jiang in #23658
- feat: add sagemaker_nova provider for Amazon Nova models on SageMaker by @ryanh-ai in #21542
- [Fix] Team Admin 403 on /user/filter/ui With Org Scope Flag by @yuneng-jiang in #23671
- fix: redact secrets from proxy log output by @ryan-crabbe in #23668
- fix: prisma migrate deploy failures on pre-existing instances by @krrishdholakia in #23655
- [Fix] Hanging CI Tests in custom_httpx test_http_handler by @yuneng-jiang in #23674
- Add CodSpeed continuous performance benchmarks by @codspeed-hq[bot] in #23676
- [Infra] Merge internal dev with main by @yuneng-jiang in #23654
- Litellm fix redaction filter logging v2 by @ryan-crabbe in #23667
- [Fix] Bump PyJWT to ^2.12.0 for Security by @yuneng-jiang in #23678
- Root cause fix - migrate all logging update to use 1 function - for centralized kwarg updates by @krrishdholakia in #23659
- fix: make db migration failure exit opt-in via --enforce_prisma_migration_check by @krrishdholakia in #23675
- [Infra] Optimize CI Pipeline by @yuneng-jiang in #23721
New Contributors
- @codspeed-hq[bot] made their first contribution in #23676
Full Changelog: v1.82.0.patch5...v1.82.3-stable.patch.1
v1.82.6.dev1
Full Changelog: v1.82.6.rc.1...v1.82.6.dev1