v1.92.0-rc.1
📦 litellmView on GitHub →
✨ 8 features🐛 12 fixes🔧 2 symbols
Summary
This release introduces Docker image signature verification using cosign and adds several features to MCP, guardrails, and the UI, alongside numerous bug fixes across Anthropic integration, proxy security, and CI stability.
Migration Steps
- Users running Docker images should verify signatures using the provided cosign commands, preferably using the pinned commit hash for maximum security.
✨ New Features
- Added all-proxy-mcpservers sentinel to grant teams every MCP server.
- Added unreachable_fallback fail-open option to headroom guardrail.
- Added budget fallbacks configuration to key create/edit forms in the UI.
- Migrated the token_exchange (OBO) arm to the v2 resolver.
- Made token_exchange (OBO) production-ready, including discovery threading, audit hardening, and RFC 9728 challenge.
- Discovered the OBO token endpoint via RFC 9728 -> RFC 8414 (no IdP guessing).
- Migrated chat UI from antd to shadcn/ui and added key management and usage panels.
- Added api_provider label to token, latency, request, and cache Prometheus metrics.
🐛 Bug Fixes
- Fixed Anthropic context_management when drop_params is enabled.
- Stopped flakey ui_unit_tests vitest onTaskUpdate RPC timeout.
- Prevented duplicate budget alert emails on concurrent threshold crossings.
- Masked provider credentials embedded in fallback error messages in the router.
- Routed realtime HTTP endpoints through the router for credential handling in the proxy.
- Stopped leaking master_key and database_url in startup DEBUG logs.
- Rejected non-existent team/key/model scope entries on attachment create.
- Required caller api_key and SSRF-validated api_base in the Anthropic advisor tool.
- Kept serving reads from the read replica when the primary DB is down at startup.
- Stored cost breakdown for /v1/realtime sessions.
- Returned upstream error bodies unchanged in passthrough mode for the proxy.
- Fixed Anthropic streaming to bill 1h prompt-cache writes at the 1h rate.