Commit Graph

4046 Commits

Author SHA1 Message Date
YutaSaito 6eb74bd62a Feat/persist mcp credentials in db (#16308)
* feat: persist mcp credentials in db

* feat: remove Auth Value field from MCP Tool Testing Playground

* fix: test
2025-11-07 19:22:49 -08:00
Sameer Kankute b6f792f301 Added support for desabling thoughts by setting budget to 0 (#16347) 2025-11-07 19:19:16 -08:00
Jack Cherng 2ab34f9a52 Fix HostedVLLMRerankConfig will not be used (#16352)
* Fix HostedVLLMRerankConfig will not be used

Signed-off-by: Jun-Fei Cherng <jfcherng@realtek.com>

* Fix no usage statistics in rerank with hosted_vllm

Signed-off-by: Jun-Fei Cherng <jfcherng@realtek.com>

* Revise typo in comment

Signed-off-by: Jun-Fei Cherng <jfcherng@realtek.com>

---------

Signed-off-by: Jun-Fei Cherng <jfcherng@realtek.com>
2025-11-07 19:11:59 -08:00
Ishaan Jaffer a8533dc5c4 Revert "Added xai responses support (#16310)"
This reverts commit ee50f09e73.
2025-11-07 18:39:38 -08:00
Ishaan Jaffer 736b6b3e1e TestVertexAIRerankTransform 2025-11-07 18:18:48 -08:00
Ishaan Jaff 674d4b4cab [Feat] Guardrails - LiteLLM Content Filter, Allow Viewing/Editing Content Filter Settings (#16383)
* fix safe dumps

* add patterns.json

* add PrebuiltPattern

* add test patterns

* fix edit and view

* fix backend handling

* fix CF ui edit

* fix init
2025-11-07 18:15:09 -08:00
Ishaan Jaff ca229fe030 [Feat] LiteLLM Guardrail - UI Fix, ensure you can see UI Friendly name for PII Patterns (#16382)
* fix safe dumps

* add patterns.json

* add PrebuiltPattern

* add test patterns
2025-11-07 18:14:58 -08:00
Sameer Kankute faae0ff0dc Fix Azure DALL-E-3 health check content policy violation by using safe default prompt (#16329)
* Add custom health check prompt support

* Add constant for health check prompt

* Add constant for health check prompt
2025-11-07 15:30:56 -08:00
Ishaan Jaff 2bd85dc455 [Feat] Add DD Agent Host support for datadog callback (#16379)
* add DD_AGENT_HOST

* docs DD Agent

* test_datadog_agent_configuration

* DD_AGENT_HOST
2025-11-07 15:18:23 -08:00
Ishaan Jaff a6b0993405 [Feat] Secret Manager - Hashicorp, add auth via approle (#16374)
* add _verify_required_credentials_exist and _auth_via_approle

* test_hashicorp_secret_manager_approle_auth

* docs hcorp auth
2025-11-07 14:39:33 -08:00
Alan Ponnachan 5b01fe0a81 fix(vertex_ai): Correctly map 429 Resource Exhausted to RateLimitError (#16363) 2025-11-07 14:36:20 -08:00
Emerson Gomes 940a72ceb0 Add Vertex MiniMAX m2 (#16373) 2025-11-07 14:27:42 -08:00
Xingyao Wang 4860cdbfd5 Fix: Azure GPT-5 incorrectly routed to O-series config (temperature parameter unsupported) (#16246)
* Fix Azure GPT-5 incorrectly routing to O-series config

GPT-5 models support reasoning but are NOT O-series models and DO support
temperature parameter. The previous routing logic in get_provider_responses_api_config()
was incorrectly sending Azure GPT-5 requests to AzureOpenAIOSeriesResponsesAPIConfig
which removes temperature from supported params.

This fix explicitly excludes GPT-5 models from O-series routing, ensuring they
use the standard AzureOpenAIResponsesAPIConfig which properly supports temperature.

Fixes: Azure GPT-5 throwing UnsupportedParamsError for temperature parameter
Tested: Added comprehensive unit tests for GPT-5 and O-series routing

* Apply suggestion from @xingyaoww

* Apply suggestion from @xingyaoww

* Improve Azure routing logic to use broader 'gpt' check for temperature support

Based on feedback from @krrishdholakia, updated the routing logic to check
for 'gpt' in model name instead of specifically 'gpt-5'. This approach is:

- More future-proof: covers all GPT models (gpt-3.5, gpt-4, gpt-5, future models)
- Simpler: single check for all GPT variants
- More maintainable: won't need updates for each new GPT model

Changes:
- litellm/utils.py: Changed from is_gpt5 to is_gpt_model check
- tests: Added comprehensive test for all GPT model variants (gpt-3.5 through gpt-5)

All tests pass:
- GPT models (gpt-3.5-turbo, gpt-4, gpt-4o, gpt-5) -> AzureOpenAIResponsesAPIConfig (supports temperature)
- O-series models (o1, o3) -> AzureOpenAIOSeriesResponsesAPIConfig (no temperature)

Co-authored-by: openhands <openhands@all-hands.dev>

---------

Co-authored-by: openhands <openhands@all-hands.dev>
2025-11-07 10:24:27 -08:00
Sameer Kankute 94e1a1ecac Use vertex creds passed via arguments (#16266) 2025-11-06 19:35:22 -08:00
Jason Roberts 5733f711fd feat(guardrails): panw prisma airs guardrail deduplication and enhanced session tracking (#16273)
* feat(guardrails): Add deduplication and session tracking

- Implement deduplication logic to prevent duplicate scans (via call_id; add _check_and_mark_scanned) caused by LiteLLM callback system
- Add session tracking using litellm_trace_id as AI Session ID for Prisma AIRS SCM logging
- Extract helper methods _extract_prompt_from_request maintainability
- Use httpxSpecialProvider import (LoggingCallback -> GuardrailCallback)
- Add comprehensive tests for deduplication and session tracking (7 new tests)
- Update documentation with multi-turn conversation tracking examples

* docs: update PANW Prisma AIRS multi-turn conversation example to use industry-standard terminology

- Clearer example for conversation tracking
- Updated terminology from 'AI Session ID' to 'Prisma AIRS AI Session ID' for clarity

* fix: remove unused asyncio import

* fix: correct mypy type ignore comment
2025-11-06 19:34:37 -08:00
Andrii Kislitsyn c497b6f239 Add retry-after header support for errors 502, 503, 504 (#16288)
* retry-after-header-support-for-502-503-504-initial

* retry-after-header-support-for-502-503-504-tests-and-linters
2025-11-06 19:33:29 -08:00
Cesar Garcia 16325024df fix: Use valid CallTypes enum value in embeddings endpoint (#16328)
* Fix embeddings endpoint call_type to use valid CallTypes enum value

Fixed bug where the `/embeddings` endpoint was passing `call_type="embeddings"`
to guardrail hooks, but "embeddings" is not a valid value in the CallTypes enum.

Changed to use `call_type="aembedding"` (async embedding) which is the correct
CallTypes enum value and matches the route_type used in the same function.

Added unit tests to verify:
- "embeddings" is not a valid CallTypes enum value
- "aembedding" is the correct valid value
- The fix prevents ValueError when guardrails are enabled

Fixes #16240

* Inline embeddings call type regression check

* Ensure embedding test preserves proxy metadata
2025-11-06 19:25:00 -08:00
Sameer Kankute 83998d3573 Update the fireworks url in tests and doc (#16346) 2025-11-06 19:22:21 -08:00
Ishaan Jaff bd7d653bae Revert "Update perplexity cost tracking (#15743)" (#16345)
This reverts commit ad6a0f4d44.
2025-11-06 19:00:45 -08:00
Ishaan Jaffer 5157078e0a test_delete_callbacks_in_db 2025-11-06 18:37:36 -08:00
Ishaan Jaffer 7af8acdc22 test_gpt_5_reasoning_streaming fixes 2025-11-06 18:16:18 -08:00
Ishaan Jaffer 3b1ff2a004 test_standard_logging_payload_includes_guardrail_information 2025-11-06 17:28:27 -08:00
Ishaan Jaffer b5d81a5d9c test_completion_text_003_prompt_array, test_key_generate_with_secret_manager_call 2025-11-06 17:18:01 -08:00
Ishaan Jaffer dc71eb12e3 fix _get_spend_logs_metadata 2025-11-06 17:08:53 -08:00
Ishaan Jaffer 8e73e11fc8 SEARCH_PROVIDERS 2025-11-06 17:07:53 -08:00
Ishaan Jaffer 8a9fe7b056 fix delete callbacks 2025-11-06 17:06:34 -08:00
Ishaan Jaffer c727a2ad63 test noma, presidio 2025-11-06 17:06:03 -08:00
Ishaan Jaffer 0a4e2a88e3 TestIsAllowedToCallVectorStoreEndpoint 2025-11-06 17:02:59 -08:00
Ishaan Jaffer 0a8ae52014 test_guardrail_status_fields_computation 2025-11-06 16:56:50 -08:00
Ishaan Jaffer e6d7a0a153 test fixes 2025-11-06 16:29:18 -08:00
Ishaan Jaffer 89a73b853a fix cyber ark 2025-11-06 16:26:14 -08:00
Ishaan Jaffer 61cf169926 test_basic_openai_responses_api_streaming 2025-11-06 16:18:30 -08:00
Ishaan Jaffer 7ec2d103f6 test router endpoitns 2025-11-06 16:17:14 -08:00
Ishaan Jaffer 811b5a3c98 test_firecrawl_search_request_body 2025-11-06 16:15:02 -08:00
Ishaan Jaff 18a5c4f75a [Feat] Add LiteLLM Gateway built in guardrail (#16338)
* add ContentFilterAction

* store pre-built regex patterns

* add v0 of content filter guard

* add _filter_messages

* test content filter guard

* init ContentFilterGuardrail

* fix ContentFilterGuardrail enums

* rename folder

* fix litellm_content_filter

* refactor content filter guard

* test content filter

* add streaming for ContentFilterGuardrail

* test_streaming_hook_mask

* add litellm_content_filter

* docs show litellm content filter

* docs litellm content filter

* fix lnting

* Potential fix for code scanning alert no. 3675: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2025-11-06 16:02:28 -08:00
Cesar Garcia 1fec48499f fix: Pass extra_body to provider in Responses API requests (#16320)
## Problem
The `extra_body` parameter in `litellm.responses()` and `litellm.aresponses()`
was being accepted but never passed to the HTTP request sent to the LLM provider.
This prevented users from sending custom/experimental parameters to provider APIs.

## Changes
- Added `data.update(extra_body)` in `async_response_api_handler` (line 2138)
- Added `data.update(extra_body)` in `response_api_handler` (line 2012)
- Added tests to `test_openai_responses_api.py` for extra_body functionality

## Testing
- Tests verify extra_body params are passed in both sync and async modes
- Existing Responses API tests continue to pass
- Manually verified with OpenAI API that custom params are sent correctly

## Impact
Users can now pass custom/experimental parameters via extra_body:
```python
litellm.aresponses(
    model="gpt-4o",
    input="hello",
    extra_body={"custom_param": "value"}  # Now works!
)
```

This aligns with the OpenAI SDK pattern and matches behavior in other
LiteLLM endpoints (completion, embedding, etc.) that already support extra_body.
2025-11-06 14:54:40 -08:00
Ishaan Jaff c98b125851 [Feat] OTEL - Log Cost Breakdown on OTEL Logger (#16334)
* add gen_ai cost metrics

* TestOpenTelemetryCostBreakdown

* fix QA check

* validate_redacted_message_span_attributes
2025-11-06 13:53:53 -08:00
Sameer Kankute b762493ec5 Remove aws params from claude4_5 request (#16315) 2025-11-06 10:10:30 -08:00
Sameer Kankute ee50f09e73 Added xai responses support (#16310) 2025-11-06 08:39:28 -08:00
Krish Dholakia 80440e11a7 Revert "Update MCP version from 1.10.1 to 1.20.0 (#16281)" (#16300)
This reverts commit 34c12d0131.
2025-11-05 18:42:34 -08:00
Jamie Goodyear 2c9970742f [LiteLLM-16250] Proxy to Bedrock will add name to file content, breaks when cache_control in use (#16275) 2025-11-05 18:39:38 -08:00
Petre Alexandru 911e802969 feat: add parallel execution handling in during_call_hook (#16279) 2025-11-05 18:35:25 -08:00
Guan Zheng Huang 34c12d0131 Update MCP version from 1.10.1 to 1.20.0 (#16281)
* Update MCP version from 1.10.1 to 1.20.0

- Update mcp dependency: 1.10.1 -> 1.20.0 in requirements.txt, pyproject.toml, and CI config
- Update uvicorn dependency: 0.29.0 -> 0.31.1 (required by MCP 1.20.0)
- Update PyJWT constraint to support newer versions required by MCP
- Update all CI pipeline references to MCP 1.20.0
- Add test to verify MCP version and import compatibility

MCP 1.20.0 requires uvicorn >=0.31.1 and PyJWT >=2.10.1.
MCP package remains Python >=3.10 only (no change to version constraint).

* Update poetry.lock for MCP 1.20.0
2025-11-05 18:34:28 -08:00
yuneng-jiang 812c8b88e9 Fixed /model_group/info returning entire model list for SSO users (#16296) 2025-11-05 18:30:30 -08:00
yuneng-jiang 5d158775b1 [Fix] Litellm non root docker Model Hub Table fix (#16282)
* Fix model hub table 404 on non-root docker

* Adding test
2025-11-05 18:30:20 -08:00
Ishaan Jaff 630a746c84 [Feat] Add Custom Secret Manager - Allow users to define and write a custom secret manager (#16297)
* add CustomSecretManager class

* docs custom secret manager

* add TestCustomSecretManager

* add KeyManagementSystem.CUSTOM

* add get_secret_from_manager

* add custom secret manager

* Potential fix for code scanning alert no. 3662: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* docs fix

* load_custom_secret_manager

* initialize_secret_manager

* add custom_secret_manager

* fix add custom secret manager

* add custom secret manager to KeyManagementSystem

* fix KeyManagementSystem.CUSTOM

* fix custom secret manager within cookbook

* fix link for custom secret manager

* Potential fix for code scanning alert no. 3663: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2025-11-05 17:20:26 -08:00
Aliaksandr Kuzmik d14a637b16 OpikLogger: fix the bug with not incorrect attachment to existing trace & refactor (#15529)
* Fix bug, add new unit test

* Extract payload builder code to a separate namespace

* Update opik.py to use logic from the new namespace

* Code cleanup, type hints improvements

* Run linter

* Log model name as span field

* Reformat arguments in payload builders

* Use dataclasses for payloads, use opik native client if it's available

* Add cost and provider

* Add provider mapping
2025-11-05 16:29:50 -08:00
Krrish Dholakia 7ad6abeb1c fix(batch_utils.py): improve batch utils to handle newlines within batch content
Fixes LIT-1376
2025-11-05 16:15:09 -08:00
Sameer Kankute 0388e3d393 Stabilize main branch (#16243)
* Fix failing container and azure tests

* fix lint error

---------

Co-authored-by: Ishaan Jaff <ishaanjaffer0324@gmail.com>
2025-11-05 16:07:28 -08:00
Alexsander Hamir 8ee9b1bc93 feat: Add configurable mount name and path prefix for HashiCorp Vault (#16253)
- Add HCP_VAULT_MOUNT_NAME env var to override default 'secret' mount
- Add HCP_VAULT_PATH_PREFIX env var to add prefix to secret paths
- Update get_url() method to construct URLs with configurable mount and prefix
- Add test coverage for custom mount names and path prefixes
- Maintain backward compatibility with existing configurations

This allows users to configure Vault paths like:
- Custom mount: {VAULT_ADDR}/v1/{MOUNT_NAME}/data/{SECRET}
- With prefix: {VAULT_ADDR}/v1/secret/data/{PREFIX}/{SECRET}
- Both: {VAULT_ADDR}/v1/{MOUNT_NAME}/data/{PREFIX}/{SECRET}

Resolves issue where mount name was hardcoded and path prefixes weren't supported.
2025-11-05 16:06:07 -08:00