Change8

v1.83.7-stable

📦 litellmView on GitHub →
9 features🐛 21 fixes🔧 16 symbols

Summary

This release introduces enhanced Docker image security via cosign signature verification and adds several new features, including AWS Gov Cloud support and new proxy management endpoints. Numerous bug fixes address issues related to database cleanup, routing logic, and Dockerfile consistency.

Migration Steps

  1. Users relying on Docker images should verify signatures using the provided cosign commands, preferably using the pinned commit hash for maximum security.
  2. If using tag-based routing, ensure custom_llm_provider is passed correctly if model names are unprefixed.

✨ New Features

  • Added support for AWS Gov Cloud mode in LiteLLM.
  • Implemented POST /team/permissions_bulk_update endpoint.
  • Added Ramp as a built-in success callback.
  • Added embedding usage estimation for self-hosted responses via Triton.
  • Added baseten model API pricing entries.
  • Added credential overrides per team/project via model_config metadata in the proxy.
  • Added per-user OAuth token storage for interactive MCP flows.
  • Support for Anthropic tool type advisor_20260301.
  • Added optional skip system message in unified guardrail inputs.

🐛 Bug Fixes

  • Fixed batch-limit stale managed object cleanup to prevent large database updates (300K row UPD...).
  • Updated check_responses_cost tests for _expire_stale_rows.
  • Fixed Dockerfile.non_root to handle missing .npmrc gracefully.
  • Allowed JWT override OAuth2 routing without global OAuth2 enablement.
  • Fixed node-gyp symlink path after npm upgrade in Dockerfile.
  • Blocked arbitrary command execution via stdio transport in MCP.
  • Fixed tag-based routing when encrypted_content_affinity is enabled.
  • Fixed router to pass custom_llm_provider to get_llm_provider for unprefixed model names.
  • Mocked headers in test_completion_fine_tuned_model.
  • Improved storage handling and Dockerfile consistency in the UI.
  • Fixed responses-ws to append ?model= to backend WebSocket URL.
  • Improved input validation on management endpoints in the proxy.
  • Used parameterized query for combined_view token lookup in the proxy.
  • Harden file path resolution in skill archive extraction.
  • Fixed Responses WebSocket Duplicate Keyword Argument Error.
  • Avoided double-counting cache tokens in Bedrock Anthropic Messages streaming usage.
  • Aligned v1 guardrail and agent list responses with v2 field handling.
  • Flushed Tremor Tooltip timers in user_edit_view tests.
  • Fixed a2a client default 60 second timeout for create a2a.
  • Ensured spend/cost logging runs when stream=True for websearch_interception.
  • Mapped refusal stop_reason to incomplete status in streaming responses.

Affected Symbols

_expire_stale_rowscheck_responses_costDockerfile.non_rootget_llm_providertest_completion_fine_tuned_modelresponses-wsmanagement endpointscombined_view token lookupskill archive extractionResponses WebSocketAnthropic Messages streaming usagev1 guardrail and agent list responsesuser_edit_view testsa2a clientwebsearch_interceptionrefusal stop_reason