1. test_bedrock_converse_budget_tokens_preserved:
- Fixed mocking at the correct level (litellm.acompletion instead of client.post)
- The previous mock didn't work because the code runs through run_in_executor
and the passed client parameter was not being used
2. test_error_class_returns_volcengine_error:
- Changed isinstance check to class name comparison
- This avoids issues when module reloading (in conftest.py) causes class
identity mismatches during parallel test execution
1. test_acompletion_with_mcp_streaming_metadata_in_correct_chunks:
- Moved stream consumption inside patch context to avoid real API calls
- The previous implementation had assertions outside the `with patch(...)`
block, causing real OpenAI API calls when consuming the stream
2. TestCheckResponsesCost tests:
- Added skip condition when litellm_enterprise module is not available
- These tests import from litellm_enterprise.proxy.common_utils.check_responses_cost
which is only available in the enterprise version
This commit addresses two issues:
1. **Merge conflict resolution**: Resolved merge conflict in litellm/integrations/opentelemetry.py
that was preventing imports from working. The conflict was in the OpenTelemetry SDK
LogRecord import section.
2. **Test flakiness fix**: Fixed intermittent failures in test_bedrock_converse_budget_tokens_preserved
by properly configuring mock objects to avoid unawaited coroutine warnings.
The test was failing in CI with "Expected 'post' to have been called once. Called 0 times."
The root cause was improper mock setup where AsyncMock was creating async child methods
(raise_for_status, json) that returned unawaited coroutines, causing unreliable behavior
across different Python versions and test environments.
**Changes:**
- Set raise_for_status() and json() as explicit MagicMock instances on the response
- Use AsyncMock explicitly for the post() method via patch.object's 'new' parameter
- This ensures response methods are synchronous while the HTTP call remains async
**Testing:**
- Test now passes consistently across 5 consecutive runs
- RuntimeWarnings about unawaited coroutines eliminated (18 warnings → 16 warnings)
- Request JSON verification shows budget_tokens correctly preserved
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
The manual sys.modules restoration code was redundant because
patch.dict.stop() automatically handles the cleanup. This simplifies
the tearDown method and removes the now-unused _original_langfuse_module
instance variable.
Addresses review comment: https://github.com/BerriAI/litellm/pull/21214#pullrequestreview-3802348462
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixes test_log_langfuse_v2_handles_null_usage_values flaky test failure
by properly cleaning up sys.modules['langfuse'] in tearDown.
Changes:
- Store original langfuse module in setUp before mocking
- Restore original or remove mock in tearDown to prevent state pollution
- Remove invalid print_verbose parameter from log_event_on_langfuse
Root Cause:
The tearDown method was not cleaning up sys.modules['langfuse'] after
each test, causing mock state to leak between tests. This caused
intermittent failures in CI, especially when tests run in parallel or
in different orders.
Impact:
This test has a long history of flakiness with multiple attempted fixes
(#20475, #17599, #17594, #17591, #17588). The missing sys.modules cleanup
was the underlying issue causing continued failures despite those patches.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix(content_filter.py): fix filter on toxic keywords
* feat: improve toxic/abusive language detection
* fix: additional improvements to nsfw filters
* feat: more improvements to nsfw filter
* feat(content_filter.json): add new australia specific nsfw content filter
ensure complete coverage for australia nsfw
* fix: cleanup policy templates
* fix(index.tsx): alert notice
* fix(index.tsx): add disclaimer notice
* feat(harmful_child_safety.yaml): new child safety content filter
ensure we catch inappropriate, child-specific content
* feat(policy_templates.json): add child safety and self harm filters
* fix(content_filter.py): improve racial bias filter to use a similar identifier + block word pattern and cover a wider range of ethnicities
* feat(policy_templates.json): add racial bias to nsfw policy template
* feat: add json content viewer
* fix(model_cost): add missing supports_system_messages and supports_tool_choice to bedrock/moonshotai.kimi-k2.5
* fix(streaming): ensure role=assistant is set on first streaming chunk via strip_role_from_delta
* fix(vertex_ai): ensure role=assistant on first streaming chunk for Llama models
Add VertexAILlama3StreamingHandler that injects role='assistant' into the
first streaming chunk delta when the Vertex AI Llama API omits it.
* fix(anthropic): filter unsupported JSON schema constraints for structured outputs
Fixes 400 error when using Anthropic models with structured outputs that have
min/max constraints.
The Anthropic API doesn't support these JSON schema constraints:
- minimum/maximum (numeric)
- exclusiveMinimum/exclusiveMaximum (numeric)
- minLength/maxLength (string)
- minItems/maxItems (array)
This mirrors the transformation done by the official Anthropic Python SDK.
See: https://platform.claude.com/docs/en/build-with-claude/structured-outputs#how-sdk-transformation-works
Adds tests for the schema filtering function.
* fix: update descriptions with removed constraint info in filter_anthropic_output_schema
Address review feedback: the function now appends removed constraint
information to the description field (matching Anthropic SDK behavior),
rather than silently dropping constraints.
---------
Co-authored-by: OpenClaw <openclaw@users.noreply.github.com>
* Add pipeline type definitions for guardrail pipelines
PipelineStep, GuardrailPipeline, PipelineStepResult, PipelineExecutionResult
with validation for actions (allow/block/next/modify_response) and modes.
* Export pipeline types from policy_engine types package
* Add optional pipeline field to Policy model
* Add pipeline executor for sequential guardrail execution
* Parse pipeline config in policy registry
* Add pipeline validation in policy validator
* Add pipeline resolution and managed guardrail tracking
* Resolve pipelines and exclude managed guardrails in pre-call
* Integrate pipeline execution into proxy pre_call_hook
* Add test guardrails for pipeline E2E testing
* Add example pipeline config YAML
* Add unit tests for pipeline type definitions
* Add unit tests for pipeline executor
* Add pipeline column to LiteLLM_PolicyTable schema
* Add pipeline field to policy CRUD request/response types
* Add pipeline support to policy DB CRUD operations
* Add PipelineStep and GuardrailPipeline TypeScript types
* Add Zapier-style pipeline flow builder UI component
* Integrate pipeline flow builder with mode toggle in policy form
* Add pipeline display section to policy info view
* Add unit tests for pipeline in policy CRUD types
* Refactor policy form to show mode picker first with icon cards
* Add full-screen FlowBuilderPage component for pipeline editing
* Wire up full-screen flow builder in PoliciesPanel with edit routing
* Restyle flow builder to match dev-tool UI aesthetic
* Restyle flow builder cards to match reference design
* Update step card to expanded layout with stacked ON PASS / ON FAIL sections
* Add end card to flow builder showing return to normal control flow
* Add PipelineTestRequest type for test-pipeline endpoint
* Export PipelineTestRequest from policy_engine types
* Add POST /policies/test-pipeline endpoint
* Add testPipelineCall networking function
* Add PipelineStepResult and PipelineTestResult types
* Add test pipeline panel to flow builder with run button and results display
* Fix pipeline executor: inject guardrail name into metadata so should_run_guardrail allows execution
* Update litellm/proxy/policy_engine/pipeline_executor.py
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Update litellm/proxy/utils.py
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Update litellm/proxy/policy_engine/policy_endpoints.py
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Update litellm/proxy/policy_engine/pipeline_executor.py
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* Pyroscope: require PYROSCOPE_APP_NAME and PYROSCOPE_SERVER_ADDRESS, add UTF-8 locale hint
- No defaults for PYROSCOPE_APP_NAME or PYROSCOPE_SERVER_ADDRESS; fail at startup if unset when Pyroscope is enabled
- Set LANG/LC_ALL to C.UTF-8 when unset to reduce malformed_profile (invalid UTF-8) rejections
- Startup message suggests PYTHONUTF8=1 if server rejects profiles
- Simplify LITELLM_ENABLE_PYROSCOPE in config_settings; document Pyroscope env vars as required with no default
- Add pyroscope_profiling to sidebar (Alerting & Monitoring)
- pyproject.toml: pyroscope-io as required dep on non-Windows (marker), in proxy extra
* proxy: add PYROSCOPE_SAMPLE_RATE env, use verbose logging, fix int type
- Add optional PYROSCOPE_SAMPLE_RATE env (integer, no default)
- Pass sample_rate to pyroscope.configure() as int for pyroscope-io
- Replace print with verbose_proxy_logger (info/warning)
- Document PYROSCOPE_SAMPLE_RATE in config_settings.md
* Address Greptile PR feedback: Pyroscope optional, docs, tests, docstring
- pyproject.toml: mark pyroscope-io as optional=true (proxy extra only)
- Add docs/my-website/docs/proxy/pyroscope_profiling.md (fix broken sidebar link)
- Add tests/test_litellm/proxy/test_pyroscope.py for _init_pyroscope()
- proxy_server: fix _init_pyroscope docstring (required server/app name, sample rate as int)
* Update litellm/proxy/proxy_server.py
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
* fix: populate identity fields in proxy admin JWT early-return path
When is_proxy_admin is True, the UserAPIKeyAuth early-return now includes
user_id, team_id, team_alias, team_metadata, org_id, and end_user_id
resolved from the JWT. Previously only user_role and parent_otel_span
were set, causing blank Team Name and Internal User in Request Logs UI.
* test: add unit tests for proxy admin JWT identity fields
* fix: add custom_body parameter to endpoint_func in create_pass_through_route
The bedrock_proxy_route calls `endpoint_func(custom_body=data)` to
pass a pre-parsed, SigV4-signed request body. However, the
`endpoint_func` closure created by `create_pass_through_route` does
not accept a `custom_body` keyword argument, causing:
TypeError: endpoint_func() got an unexpected keyword argument 'custom_body'
Add `custom_body: Optional[dict] = None` to both `endpoint_func`
definitions (adapter-based and URL-based). In the URL-based path,
when `custom_body` is provided by the caller, use it instead of
re-parsing the body from the raw request.
Fixes#16999
* Add tests for custom_body handling in create_pass_through_route
Address reviewer feedback on PR #20849:
- Document why the adapter-based endpoint_func accepts custom_body
for signature compatibility but does not forward it (the underlying
chat_completion_pass_through_endpoint does not support it).
- Add test_create_pass_through_route_custom_body_url_target: verifies
that when a caller (e.g. bedrock_proxy_route) supplies custom_body,
it takes precedence over the body parsed from the raw request.
- Add test_create_pass_through_route_no_custom_body_falls_back:
verifies that the default path (no custom_body) correctly uses the
request-parsed body, preserving existing behavior.
Both tests are fully mocked following the project's CONTRIBUTING.md
guidelines and the patterns established in the existing test file.
Co-authored-by: Cursor <cursoragent@cursor.com>
---------
Co-authored-by: themavik <themavik@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>