Commit Graph
36304 Commits
Author SHA1 Message Date
ryan-crabbe-berriandGitHub 2eb3c20e76 Merge pull request #24718 from BerriAI/litellm_ryan-march-26
litellm ryan march 26
2026-03-28 09:01:11 -07:00
ryan-crabbe-berriandGitHub 726a34627c Merge pull request #24717 from BerriAI/litellm_fix-user-cache-invalidation
fix(jwt): invalidate user cache after role/team sync updates
2026-03-27 19:50:41 -07:00
ryan-crabbe-berriandGitHub 7907e5e126 Merge pull request #24711 from BerriAI/litellm_fix-edit-budget
fix(ui): refactor budget page to React Query hooks and fix crashes
2026-03-27 19:49:30 -07:00
Ryan Crabbe dd11e77852 fix: add explicit TTL to cache writes and test coverage for user cache invalidation
Add DEFAULT_MANAGEMENT_OBJECT_IN_MEMORY_CACHE_TTL to both async_set_cache
calls in sync_user_role_and_teams for consistency with all other user cache
writes. Add 3 tests covering cache invalidation on role change, team change,
and no-op when nothing changes.
2026-03-27 19:45:13 -07:00
Ryan CrabbeandRyan Crabbe 2ece79930b fix(jwt): invalidate user cache after role/team sync updates
sync_user_role_and_teams updates the DB when a user's JWT role changes,
but the in-memory cache retained the stale role until TTL expiry. This
caused subsequent requests to see the old role for up to 60 seconds.

Fix: accept user_api_key_cache parameter and re-cache the updated user
object after both role and team membership DB writes.
2026-03-27 19:36:38 -07:00
Ryan Crabbe 98ecf17550 fix(ui): refactor budget page to React Query hooks and fix crashes
- Migrate budget CRUD from manual state to React Query hooks (useBudgets, useCreateBudget, useUpdateBudget, useDeleteBudget)
- Fix crash when budget list contains null entries by filtering in query hook
- Fix max_budget type from string to number to match DB schema (double precision)
- Disable budget_id field in edit modal to prevent accidental changes
- Use budget_id as React key instead of array index
- Update tests to mock hooks instead of networking functions
2026-03-27 19:34:24 -07:00
ryan-crabbe-berriandGitHub 5b651048f2 Merge pull request #24706 from BerriAI/litellm_fix-jwt-none-guard
fix(auth): guard JWTHandler.is_jwt() against None token
2026-03-27 18:06:24 -07:00
ryan-crabbe-berriandGitHub a533de0b08 Merge pull request #24701 from BerriAI/litellm_fix-jwt-role-mappings
fix(sso): pass decoded JWT access token to role mapping during SSO login
2026-03-27 18:06:15 -07:00
ryan-crabbe-berriandGitHub 52e9ca7a73 Merge pull request #24708 from BerriAI/litellm_fix-bulk-update
fix: add /user/bulk_update to management routes
2026-03-27 18:05:16 -07:00
Ryan Crabbe 0c67f274e5 docs: add /user/bulk_update to internal_user_endpoints module docstring 2026-03-27 18:01:08 -07:00
Ryan Crabbe a5ff668f5e fix: add /user/bulk_update to management_routes so proxy admins can access it
/user/bulk_update was missing from the management_routes list in _types.py,
causing it to fall through to a 403 in non_proxy_admin_allowed_routes_check
even for proxy admin users. Also added it to the PROXY_ADMIN_VIEW_ONLY
blocked write operations list in route_checks.py to prevent view-only
admins from using it.
2026-03-27 17:50:42 -07:00
yuneng-jiangandGitHub fe080a86b2 Merge pull request #24705 from BerriAI/litellm_auto_schema_sync
[Infra] Automated schema.prisma sync and drift detection
2026-03-27 17:08:23 -07:00
yuneng-jiangandGitHub 846e4b44b6 Merge pull request #24682 from michelligabriele/fix/budget-spend-counters
fix(proxy): enforce budget limits across multi-pod deployments via Redis-backed spend counters
2026-03-27 16:59:23 -07:00
Ryan Crabbe 8e3755931d test(auth): add regression tests for JWTHandler.is_jwt(None)
Add None-token test cases to both proxy_unit_tests and test_litellm
to cover the guard added in the previous commit. Also add -> bool
return type annotation to is_jwt().
2026-03-27 16:51:08 -07:00
Ryan Crabbe e36ab04a18 fix(auth): guard JWTHandler.is_jwt() against None token
When JWT auth is enabled and a request arrives without an Authorization
header (e.g. health checks, monitoring), api_key is None due to
APIKeyHeader(auto_error=False). The is_jwt() call crashes with
AttributeError: 'NoneType' object has no attribute 'split'.

Return False for None tokens since they are not JWTs.
2026-03-27 16:51:08 -07:00
Yuneng JiangandClaude Opus 4.6 a074d1d68b [Infra] Mirror litellm_table_patch source changes (no binaries)
Cherry-pick source-only changes from litellm_table_patch, excluding
build artifacts from the incident response period.

- Remove destructive DROP COLUMN migration (20260311180521_schema_sync)
- Remove now-unnecessary restore migration (20260327232350)
- Bump litellm-proxy-extras 0.4.60 → 0.4.61
- Add regression test to block future DROP COLUMN migrations
- Fix double error handling in getTeamPermissionsCall

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 16:45:12 -07:00
Yuneng JiangandClaude Opus 4.6 46b92da0bd [Infra] Add migration for restored BYOM lifecycle fields
The schema sync adopted the proxy version which includes source_url,
approval_status, and other BYOM fields. These were previously dropped
in migration 20260311180521 due to schema drift. This migration
restores them to match the now-unified schema.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 16:24:03 -07:00
Yuneng JiangandClaude Opus 4.6 e0e0c5e293 [Infra] Fix zizmor artipacked warnings on schema sync workflows
Add persist-credentials: false to check-schema-sync (read-only, no push needed).
Explicitly set persist-credentials: true on sync-schema (required for git push).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 16:14:06 -07:00
Yuneng JiangandClaude Opus 4.6 08e29e0a9a [Infra] Automated schema.prisma sync and drift detection
Sync all 3 schema.prisma copies and add GHA workflows to keep them in sync automatically.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 16:01:20 -07:00
Ryan Crabbe e24819afef fix(sso): pass decoded JWT access token to role mapping during SSO login
During SSO login, bearer tokens are stripped from the OAuth response
before role mapping runs. Custom role claims encoded inside the JWT
access token are lost, so map_jwt_role_to_litellm_role() returns None
and the user falls back to internal_user_viewer.

process_sso_jwt_access_token() now returns the decoded JWT payload, and
a new _sync_user_role_from_jwt_role_map() receives it so
jwt_litellm_role_map works correctly during SSO login.
2026-03-27 13:50:30 -07:00
michelligabriele d533b432fd fix(proxy): enforce budget limits across multi-pod deployments via Redis-backed spend counters
Budget checks on API keys, teams, and team members were not enforced in
multi-pod deployments because user_api_key_cache is intentionally
in-memory-only. Each pod tracked spend independently, so with N pods
the effective budget was N × max_budget.

Introduces a separate spend_counter_cache (DualCache wired to
redis_usage_cache) with atomic increment/read helpers:
- increment_spend_counters(): awaited in cost callback (not create_task)
  to update both in-memory and Redis before the next auth check
- get_current_spend(): reads Redis first (cross-pod authoritative),
  falls back to in-memory, then to cached object .spend from DB

Budget check functions (_virtual_key_max_budget_check,
_team_max_budget_check, _check_team_member_budget) now read spend via
get_current_spend() instead of cached object .spend fields.

When Redis is not configured, falls back to in-memory-only counters
(same as current single-instance behavior).

Fixes #23714
2026-03-27 20:39:52 +01:00
yuneng-jiangandGitHub d949085310 Merge pull request #24697 from BerriAI/litellm_codeql_gha
[Infra] Improve CodeQL scanning coverage and schedule
2026-03-27 12:17:39 -07:00
yuneng-jiangandGitHub 241c45663b Merge pull request #24696 from BerriAI/litellm_pin_prisma_node_ci
[Fix] Pin Prisma Node.js dependency in CI workflows
2026-03-27 12:17:26 -07:00
Yuneng JiangandClaude Opus 4.6 ec4273ed8b [Infra] Improve CodeQL scanning coverage and schedule
Switch query suite from security-extended to security-and-quality to
match the default GitHub Advanced Security setup. Run scheduled scans
daily instead of weekly. Remove paths-ignore for _experimental/out so
build artifacts are also scanned.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:04:09 -07:00
yuneng-jiangandGitHub 1b111d23f3 Merge pull request #24688 from Sameerlite/litellm_litellm_team-model-group-name-routing-fix
fix(team-routing): preserve sibling deployment candidates for team public models
2026-03-27 12:00:34 -07:00
Sameer Kankute c4159a2ade Fix codeql 2026-03-28 00:01:33 +05:30
Yuneng JiangandClaude Opus 4.6 ca3457b091 Pin nodejs-wheel-binaries in CI workflows running prisma generate
prisma generate internally runs `npm install prisma@5.4.2` against the
npm registry at runtime. Without a bundled Node.js, this causes
ECONNRESET failures on flaky GitHub Actions network and leaves the
npm transitive dependency tree unpinned.

Pre-install nodejs-wheel-binaries==24.13.1 (matching the Dockerfiles)
so prisma uses the bundled Node/npm instead of fetching from the
registry.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 11:25:03 -07:00
yuneng-jiangandGitHub 8c2c6a40a6 Merge pull request #24689 from Sameerlite/litellm_litellm_remove-200k-pricing-opus-sonnet-46
fix(pricing): remove above_200k_tokens price tiers for claude-opus-4-6 and claude-sonnet-4-6
2026-03-27 10:26:17 -07:00
Sameer Kankute b4d0e3213f Fix the Pricing changes for claude models 2026-03-27 22:44:40 +05:30
Sameer KankuteandClaude Sonnet 4.6 453fc75ee9 fix(pricing): remove above_200k_tokens price tiers for claude-opus-4-6 and claude-sonnet-4-6
These models include the full 1M token context at standard pricing with no 2x surcharge above 200k tokens.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 22:44:40 +05:30
yuneng-jiangandGitHub 2ac1efdc0d Merge pull request #24603 from Sameerlite/litellm_openrouter-wildcard-strip-prefix
fix(openrouter): strip routing prefix for wildcard proxy deployments
2026-03-27 10:11:01 -07:00
yuneng-jiangandGitHub b6506bf40f Merge pull request #24610 from Sameerlite/litellm_lyria-3-cost-map-doc
feat(gemini): Lyria 3 preview models in cost map and docs
2026-03-27 10:10:03 -07:00
yuneng-jiangandGitHub 4bf5e66dbf Merge pull request #24624 from Sameerlite/litellm_sanitize-proxy-inputs
fix(proxy): sanitize user_id input and block dangerous env var keys
2026-03-27 10:08:32 -07:00
Krrish DholakiaandGitHub 412fd469e2 Merge pull request #24692 from BerriAI/litellm_security_townhall_blog
Litellm security townhall blog
2026-03-27 10:00:54 -07:00
yuneng-jiangandGitHub 53ac4c5459 Merge pull request #24661 from Sameerlite/litellm_filter-metadata-user-id
fix(anthropic): strip undocumented keys from metadata before sending to API
2026-03-27 10:00:36 -07:00
yuneng-jiangandGitHub 695304d758 Merge pull request #24662 from Sameerlite/litellm_gemini-retrieve-file-url-normalize
feat(gemini): normalize AI Studio file retrieve URL
2026-03-27 09:59:46 -07:00
yuneng-jiangandGitHub 210e30f055 Merge pull request #24665 from Sameerlite/litellm_gemini-3-1-flash-live-preview
feat(gemini): add gemini-3.1-flash-live-preview to model cost map
2026-03-27 09:58:44 -07:00
yuneng-jiangandGitHub f3fe6d1c0a Merge pull request #24687 from Sameerlite/litellm_litellm_azure-finetuning-fixes
feat(fine-tuning): fix Azure OpenAI fine-tuning job creation
2026-03-27 09:58:12 -07:00
yuneng-jiangandGitHub 3e7ee3e887 Merge pull request #24690 from Sameerlite/litellm_litellm_openai-reasoning-items-chat-completions
feat(openai): round-trip Responses API reasoning_items in chat completions
2026-03-27 09:54:23 -07:00
yuneng-jiangandGitHub bda8c9d8ac Merge pull request #24691 from Sameerlite/litellm_litellm_batch_metrics_4
feat(prometheus): add metrics for managed batch lifecycle
2026-03-27 09:52:59 -07:00
Krrish Dholakia 198a0e8438 docs: cleanup docs 2026-03-27 09:13:20 -07:00
Krrish DholakiaandGitHub ff63df25a2 Merge pull request #24663 from BerriAI/litellm_test_branch_03_26_2026_p1
Add zizmor to ci/cd
2026-03-27 08:59:07 -07:00
Sameer Kankute 931c88f567 Fix test 2026-03-27 21:21:43 +05:30
Sameer Kankute 09675ef205 Fix test 2026-03-27 21:12:37 +05:30
Sameer KankuteandGitHub e4a1e529c5 Merge pull request #2 from Sameerlite/litellm_litellm_health-check-driven-routing2
feat(router): health-check-driven routing
2026-03-27 21:05:56 +05:30
Krrish Dholakia 9c049ded65 docs: draft townhall doc
compressing slides into a deck
2026-03-27 08:35:38 -07:00
Sameer KankuteandClaude Opus 4.6 8210fd7e1d fix: revert accidental _litellm_uuid import back to _uuid
The isort hook picked up a stale rename from the working directory.
Both router.py and proxy_server.py need litellm._uuid, not _litellm_uuid.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 20:57:08 +05:30
Sameer KankuteandClaude Opus 4.6 f784beb74f fix: re-attach model_id after endpoint cleaning, bump log level
- model_id is now added after _clean_endpoint_data() so it survives
  health_check_details: False (MINIMAL_DISPLAY_PARAMS filtering)
- Health state write failures logged at warning instead of debug

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 20:57:08 +05:30
Sameer KankuteandClaude Opus 4.6 7675488640 feat(router): add health-check-driven routing behind opt-in flag
Background health checks now feed deployment health state into the
router candidate-filtering pipeline. Unhealthy deployments are excluded
proactively instead of waiting for request failures to trigger cooldown.

Gated by `enable_health_check_routing: true` in general_settings.
Off by default — zero behavior change for existing users.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 20:57:08 +05:30
Sameer Kankute b212b340ab feat(gemini): normalize AI Studio file retrieve URL and harden tests
Made-with: Cursor
2026-03-27 20:43:19 +05:30