v1.90.0
📦 litellmView on GitHub →
✨ 14 features🐛 24 fixes🔧 10 symbols
Summary
This release introduces Docker image signing via cosign for enhanced security and adds support for the new Claude Fable 5 model across multiple providers. Numerous fixes and improvements were made across the UI, MCP handling, and rate limit error standardization.
Migration Steps
- To verify Docker images, use the provided `cosign verify` command, preferably using the pinned commit hash for the strongest verification.
- If using JWT authentication, note that there is now an opt-in fallback to the DB team if a JWT claim cannot be resolved.
✨ New Features
- Docker images are now signed with cosign; verification instructions provided.
- Forward strict and additionalProperties to Converse toolSpec for Bedrock.
- Added budget duration to edit team member form in the UI.
- Standardized rate limit errors to include category, rate_limit_type, model, and llm_provider fields.
- Added models and repository layers to LiteLLM core.
- Included internal routes in the dashboard's generated OpenAPI types.
- Published /v2/model/info endpoint in the Swagger OpenAPI spec.
- Added health check support for UI callback test in Galileo.
- Added opt-in fallback to DB team on unresolved JWT claim for JWT authentication.
- Included organization metadata in Vantage FOCUS Tags export.
- Added MAI-Image-2.5 image generation support for Azure AI.
- Added support for Claude Fable 5 across Anthropic, Bedrock, Vertex AI, and Azure AI.
- Added Claude Fable 5 cost map entries (data-only hotfix for the hosted map).
- Added admin flag to disable in-product UI nudges for everyone.
🐛 Bug Fixes
- Mapped system-only chat request to system input item in responses-bridge.
- Highlighted MCP cards red when the logged-in user is missing per-user environment variables.
- Made workflow runs page fill full width in the UI.
- Defaulted guardrails page to the Guardrails tab in the UI.
- Kept create guardrail modal open on outside click in the UI.
- Labeled default key type as "Full Access" on the key edit page in the UI.
- Unified migrated-route URLs and migrated the API Reference page.
- Allowed non-creator users to OAuth into OBO-mode MCP servers from the Tools page.
- Allowed deleting a BYOK model after its team is deleted.
- Prevented blocking /team/update on unchanged team budget.
- Enabled tool calling for glm-5p1 in the Fireworks model cost map.
- Propagated Vertex AI metadata in streaming success callbacks.
- Showed team projects to internal users on key creation.
- Deleted a team's BYOK models when the team is deleted.
- Read CrowdStrike AIDR identity from both metadata bags in guardrails.
- Mirrored upstream token lifetime instead of forcing a 1h OBO expiry for MCP.
- Loaded MCP tool configuration tools via the OBO/passthrough-aware GET path.
- Reserved team budget raises for proxy admins on /team/update.
- Extended response headers hook to streaming, TTS, image gen, and pass-through.
- Reset OAuth state on create-server modal close to prevent token leakage into the next add-server session.
- Allowed team access-group grants in OAuth authorize/token access check.
- Authorized batch files using upload target_model_names (LIT-3593) in the proxy.
- Restored stored prompt_tokens on embedding cache hits instead of recomputing.
- Self-healed startup/reload prisma reads on engine disconnect in the proxy.