From f7f77d0cf41ffb040e4c6d17069364a72017200e Mon Sep 17 00:00:00 2001 From: Yuneng Jiang Date: Fri, 24 Apr 2026 23:18:04 -0700 Subject: [PATCH] docs: clarify intent of empty-dict handle_key_type call in regenerate --- .../proxy/management_endpoints/key_management_endpoints.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/litellm/proxy/management_endpoints/key_management_endpoints.py b/litellm/proxy/management_endpoints/key_management_endpoints.py index 0b55b94584..590e51b4ba 100644 --- a/litellm/proxy/management_endpoints/key_management_endpoints.py +++ b/litellm/proxy/management_endpoints/key_management_endpoints.py @@ -3972,6 +3972,12 @@ async def regenerate_key_fn( # noqa: PLR0915 # Mirror /key/generate's post-handle_key_type recheck so a # non-admin can't elevate via a key_type preset that the # regenerate flow would otherwise carry through unchecked. + # The empty dict is intentional — `handle_key_type` is reused + # purely as a side-effect-free lookup of the preset bucket, not + # to mutate an existing `data_json`. Do not pass a real + # `data_json` here; that path would write the derived routes + # into the DB update payload and is owned by + # `_common_key_generation_helper`. _check_allowed_routes_caller_permission( allowed_routes=handle_key_type(data, {}).get("allowed_routes"), user_api_key_dict=user_api_key_dict,