Change8

v1.85.1

📦 litellmView on GitHub →
1 features

Summary

This release introduces cryptographic signing for all LiteLLM Docker images using cosign to enhance supply chain security and provides instructions for signature verification.

Migration Steps

  1. To verify Docker image signatures using the recommended method, use the following command, replacing the commit hash if necessary: cosign verify --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub ghcr.io/berriai/litellm:v1.85.1
  2. Alternatively, verify using the release tag: cosign verify --key https://raw.githubusercontent.com/BerriAI/litellm/v1.85.1/cosign.pub ghcr.io/berriai/litellm:v1.85.1

✨ New Features

  • LiteLLM Docker images are now signed with cosign, allowing users to cryptographically verify image integrity using either a pinned commit hash or the release tag.