v1.84.5
📦 litellmView on GitHub →
✨ 1 features
Summary
This release introduces cryptographic signing for all LiteLLM Docker images using cosign to enhance supply chain security. It backports several staged fixes into the stable branch.
Migration Steps
- To verify Docker image signatures using the recommended method, use the following command, replacing the commit hash if necessary: cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \ ghcr.io/berriai/litellm:v1.84.5
- Alternatively, for convenience, verify using the release tag: cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/v1.84.5/cosign.pub \ ghcr.io/berriai/litellm:v1.84.5
✨ New Features
- LiteLLM Docker images are now signed with cosign, allowing users to verify image integrity using either a pinned commit hash or the release tag.