Commit Graph

7780 Commits

Author SHA1 Message Date
jyeros 02ebd1302e Code review 2026-03-18 16:25:42 -05:00
jyeros 2b6a32e0cd Add tests 2026-03-18 15:48:59 -05:00
jyeros bb628e974a Add otel ignore_context_propagation as opt in 2026-03-18 15:48:59 -05:00
Krish Dholakia 244bdffd1b Merge pull request #23509 from michelligabriele/fix/pass-through-duplicate-failure-logs
fix(proxy): prevent duplicate callback logs for pass-through endpoint failures
2026-03-18 11:57:50 -07:00
Krish Dholakia 0d7425a437 Merge pull request #23774 from michelligabriele/fix/model-level-guardrails-non-streaming-postcall
fix(proxy): model-level guardrails not executing for non-streaming post_call
2026-03-18 08:26:02 -07:00
Krish Dholakia cec3e9e7d4 Merge pull request #23808 from voidborne-d/fix/shared-aiohttp-session-auto-recovery
fix: auto-recover shared aiohttp session when closed
2026-03-17 22:23:01 -07:00
Krish Dholakia 5e570b3a66 Merge pull request #23911 from kelvin-tran/fix/cache-control-params-anthropic-document-file-message-blocks 2026-03-17 18:00:05 -07:00
d 🔹 88f59e1465 fix: use AsyncMock for concurrent test consistency
Address review feedback from greptile — use new_callable=AsyncMock
on the concurrent test's patch.object to ensure the mock is properly
typed as async, even though side_effect already handles the coroutine.
2026-03-18 00:54:23 +00:00
Kelvin Tran c6e9a2a40f Merge branch 'main' into fix/cache-control-params-anthropic-document-file-message-blocks 2026-03-17 15:34:00 -07:00
Kelvin Tran d0c5f494a8 fix: cache_control directive dropped anthropic document/file blocks 2026-03-17 14:30:12 -07:00
voidborne-d ca8f5cffa0 style: apply black formatting to fix CI lint check 2026-03-17 18:52:57 +00:00
Xianzong Xie cb88836486 Add incomplete response error propagation test
Committed-By-Agent: codex
Co-authored-by: codex <noreply@openai.com>
2026-03-17 11:39:12 -07:00
d 🔹 ef22144854 address P2 feedback: add lock docstring warning, remove redundant mock write
- Add WARNING docstring to _get_shared_session_lock() about not resetting
  the lock to None while coroutines may be in the recovery path
- Remove redundant proxy_server_module.shared_aiohttp_session assignment
  in mock_init (add_shared_session_to_data overwrites it synchronously)
2026-03-17 18:07:15 +00:00
ryan-crabbe ef9cc33ee3 Merge pull request #23822 from BerriAI/litellm_ryan_march_16
Litellm ryan's daily branch march 16
2026-03-17 10:03:01 -07:00
yuneng-jiang a622a1fa35 Merge pull request #23827 from BerriAI/litellm_internal_dev_03_16_2026
[Infra] Merge daily dev branch with main
2026-03-17 09:58:06 -07:00
d 32ecd24116 fix: address P2 review feedback - exception handling and warning accuracy
- Add try/except around _initialize_shared_aiohttp_session call to catch
  and log exceptions (instead of letting them bubble to outer handler)
- Fix warning message when re-checked session is None (was incorrectly
  logging closed session ID on a None session)
- Add debug logging to outer except handler instead of bare pass
- Add test for _initialize_shared_aiohttp_session raising exception
2026-03-17 13:09:26 +00:00
d 🔹 9e09bbc1df fix: reset _shared_session_lock in all tests for event loop isolation
Address Greptile P1 review: tests that exercise the closed-session code
path need to reset the module-level lock to avoid RuntimeError on
Python < 3.10 when asyncio.Lock is reused across different event loops.
2026-03-17 09:54:01 +00:00
voidborne-d ab4fda2eeb fix: add asyncio.Lock to prevent session/connector leak on concurrent recreation
When multiple requests detect a closed shared session simultaneously,
they would each create a new aiohttp.ClientSession, leaking intermediate
sessions and their TCP connectors. Added double-checked locking pattern
with asyncio.Lock to ensure only one coroutine recreates the session.

Added concurrent recreation test case.
2026-03-17 08:08:44 +00:00
yuneng-jiang dcbaa0512b Merge pull request #23826 from BerriAI/litellm_yj_march_16_2026
[Infra] Merge personal dev branch with daily dev branch
2026-03-16 23:47:50 -07:00
Ryan Crabbe 302292c805 Merge remote-tracking branch 'origin/main' into litellm_ryan_march_16 2026-03-16 22:51:45 -07:00
Harshit Jain d15c2d546e fix: Register DynamoAI guardrail initializer and enum entry (#23752)
* fix: Register DynamoAI guardrail initializer and enum entry

Fix the "Unsupported guardrail: dynamoai" error by:
1. Adding DYNAMOAI to SupportedGuardrailIntegrations enum
2. Implementing initialize_guardrail() and registries in dynamoai/__init__.py

The DynamoAI guardrail was added in PR #15920 but never properly registered
in the initialization system. The __init__.py was missing the
guardrail_initializer_registry and guardrail_class_registry dictionaries
that the dynamic discovery mechanism looks for at module load time.

Fixes #22773

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

* Update litellm/proxy/guardrails/guardrail_hooks/dynamoai/__init__.py

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Update litellm/proxy/guardrails/guardrail_hooks/dynamoai/__init__.py

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* test: Add tests for DynamoAI guardrail registration

Verifies enum entry, initializer registry, class registry,
instance creation, and global registry discovery.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-03-16 22:24:29 -07:00
yuneng-jiang 53d96c8353 [Feature] Disable custom API key values via UI setting
Add disable_custom_api_keys UI setting that prevents users from specifying
custom key values during key generation and regeneration. When enabled, all
keys must be auto-generated, eliminating the risk of key hash collisions
in multi-tenant environments.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 21:35:21 -07:00
voidborne-d 7b66c970e9 fix: auto-recover shared aiohttp session when closed (#23806)
When the shared aiohttp session closes (due to network interruption,
idle timeout, or Redis failover side effects), the proxy permanently
falls back to creating a new HTTPS connection per request, losing the
benefit of connection pooling for the entire pod lifetime.

Fix: make add_shared_session_to_data() async and recreate the session
when it is found closed, restoring connection pooling automatically.

Fixes #23806
2026-03-17 03:11:58 +00:00
yuneng-jiang 4a92db8da1 [Fix] Skip key_alias re-validation on update/regenerate when alias unchanged
When updating or regenerating a key without changing its key_alias, the
existing alias was being re-validated against current format rules. This
caused keys with legacy aliases (created before stricter validation) to
become uneditable. Now validation only runs when the alias actually changes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 18:09:00 -07:00
yuneng-jiang 208740a87c [Fix] Remove duplicate get_team_object call in _validate_update_key_data
Move the non-admin team validation into the existing get_team_object call
site to avoid an extra DB round-trip. The existing call already fetches
the team for limits checking — we now add the LIT-1884 guard there when
team_obj is None for non-admin callers.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 17:40:42 -07:00
yuneng-jiang bc752fb109 [Fix] Prevent internal users from creating invalid keys via key/generate and key/update
Internal users could exploit key/generate and key/update to create unbound
keys (no user_id, no budget) or attach keys to non-existent teams. This
adds validation for non-admin callers: auto-assign user_id on generate,
reject invalid team_ids, and prevent removing user_id on update.

Closes LIT-1884

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 17:27:12 -07:00
yuneng-jiang 2ebea084c9 Merge remote-tracking branch 'origin/main' into litellm_internal_dev_03_16_2026 2026-03-16 16:33:40 -07:00
yuneng-jiang 31a677e357 Merge pull request #23792 from BerriAI/litellm_ui_logs_filter_2
[Fix] UI - Logs: Empty Filter Results Show Stale Data
2026-03-16 16:33:24 -07:00
Ryan Crabbe 67482db49d feat: fetch blog posts from docs RSS feed instead of static JSON on GitHub 2026-03-16 15:55:16 -07:00
yuneng-jiang 278c9babc6 [Infra] Merging RC Branch with Main (#23786)
* fix(test): add missing mocks for test_streamable_http_mcp_handler_mock

The test was missing mocks for extract_mcp_auth_context and set_auth_context,
causing the handler to fail silently in the except block instead of reaching
session_manager.handle_request. This mirrors the fix already applied to the
sibling test_sse_mcp_handler_mock.

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix(ci): route OpenAI models through chat completions in pass-through tests

The test_anthropic_messages_openai_model_streaming_cost_injection test fails
because the OpenAI Responses API returns 400 for requests routed through the
Anthropic Messages endpoint. Setting LITELLM_USE_CHAT_COMPLETIONS_URL_FOR_ANTHROPIC_MESSAGES=true
routes OpenAI models through the stable chat completions path instead.
Cost injection still works since it happens at the proxy level.

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix(ci): fix assemblyai custom auth and router wildcard test flakiness

1. custom_auth_basic.py: Add user_role='proxy_admin' so the custom auth
   user can access management endpoints like /key/generate. The test
   test_assemblyai_transcribe_with_non_admin_key was hidden behind an
   earlier -x failure and was never reached before.

2. test_router_utils.py: Add flaky(retries=3) and increase sleep from 1s
   to 2s for test_router_get_model_group_usage_wildcard_routes. The async
   callback needs time to write usage to cache, and 1s is insufficient on
   slower CI hardware.

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* ci: retrigger CI pipeline

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix(mypy): use LitellmUserRoles enum instead of raw string in custom_auth_basic

Fixes mypy error: Argument 'user_role' has incompatible type 'str'; expected 'LitellmUserRoles | None'

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix: don't close HTTP/SDK clients on LLMClientCache eviction (#22926)

* fix: don't close HTTP/SDK clients on LLMClientCache eviction

Removing the _remove_key override that eagerly called aclose()/close()
on evicted clients. Evicted clients may still be held by in-flight
streaming requests; closing them causes:

  RuntimeError: Cannot send a request, as the client has been closed.

This is a regression from commit fb72979432. Clients that are no longer
referenced will be garbage-collected naturally. Explicit shutdown cleanup
happens via close_litellm_async_clients().

Fixes production crashes after the 1-hour cache TTL expires.

* test: update LLMClientCache unit tests for no-close-on-eviction behavior

Flip the assertions: evicted clients must NOT be closed. Replace
test_remove_key_closes_async_client → test_remove_key_does_not_close_async_client
and equivalents for sync/eviction paths.

Add test_remove_key_removes_plain_values for non-client cache entries.
Remove test_background_tasks_cleaned_up_after_completion (no more _background_tasks).
Remove test_remove_key_no_event_loop variant that depended on old behavior.

* test: add e2e tests for OpenAI SDK client surviving cache eviction

Add two new e2e tests using real AsyncOpenAI clients:
- test_evicted_openai_sdk_client_stays_usable: verifies size-based eviction
  doesn't close the client
- test_ttl_expired_openai_sdk_client_stays_usable: verifies TTL expiry
  eviction doesn't close the client

Both tests sleep after eviction so any create_task()-based close would
have time to run, making the regression detectable.

Also expand the module docstring to explain why the sleep is required.

* docs(AGENTS.md): add rule — never close HTTP/SDK clients on cache eviction

* docs(CLAUDE.md): add HTTP client cache safety guideline

* [Fix] Install bsdmainutils for column command in security scans

The security_scans.sh script uses `column` to format vulnerability
output, but the package wasn't installed in the CI environment.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: handle string callback values in prometheus multiproc setup

When callbacks are configured as a plain string (e.g., `callbacks: "my_callback"`)
instead of a list, the proxy crashes on startup with:
  TypeError: can only concatenate str (not "list") to str

Normalize each callback setting to a list before concatenating.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* bump: version 1.82.2 → 1.82.3

* fix(test): update test_startup_fails_when_db_setup_fails for opt-in enforcement

The --enforce_prisma_migration_check flag is now required to trigger
sys.exit(1) on DB migration failure, after #23675 flipped the default
behavior to warn-and-continue.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(cost_calculator): use model name for per-request custom pricing when router_model_id has no pricing

When custom pricing is passed as per-request kwargs (input_cost_per_token/output_cost_per_token),
completion() registers pricing under the model name, but _select_model_name_for_cost_calc was
selecting the router deployment hash (which has no pricing data), causing response_cost to be 0.0.

Now checks whether the router_model_id entry actually has pricing before preferring it.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>
Co-authored-by: Ishaan Jaff <ishaanjaffer0324@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 15:32:20 -07:00
yuneng-jiang bc810f99e4 [Fix] Privilege escalation: restrict /key/block, /key/unblock, and max_budget updates to admins
Non-admin users (INTERNAL_USER) could call /key/block and /key/unblock on
arbitrary keys, and modify max_budget on their own keys via /key/update.
These endpoints are now restricted to proxy admins, team admins, or org admins.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 14:46:50 -07:00
joereyna 0c1739390b fix: remove skip decorators from m2m tests now that oauth2_flow is set 2026-03-16 13:17:27 -07:00
michelligabriele b0c317e6d0 test: use __file__-relative sys.path for stable test imports
Address Greptile review — resolve sys.path relative to the test file
location instead of the process working directory.
2026-03-16 21:07:07 +01:00
michelligabriele 23b69eea62 fix(proxy): model-level guardrails not executing for non-streaming post_call
Model-level guardrails (litellm_params.guardrails on a deployment) were
only merged into request metadata in the streaming post_call path
(async_post_call_streaming_hook) but not in the non-streaming path
(post_call_success_hook). This caused should_run_guardrail to skip the
guardrail because the guardrail name was never added to metadata.guardrails.

Add the same _check_and_merge_model_level_guardrails call to
post_call_success_hook before the guardrail callback loop, mirroring the
streaming path.

Fixes model-level guardrails silently not firing for non-streaming
post_call requests.
2026-03-16 20:55:22 +01:00
ryan-crabbe 4f2fe3378f Merge pull request #23666 from BerriAI/litellm_fix-default-user-perms-not-synced-with-ui
fix: align DefaultInternalUserParams Pydantic default with runtime fallback
2026-03-16 11:58:30 -07:00
Sameer Kankute 3dccdde9c8 Merge pull request #23686 from BerriAI/litellm_oss_staging_03_14_2026
Litellm oss staging 03 14 2026
2026-03-16 20:00:17 +05:30
Sameer Kankute 71dfd0115c Merge pull request #23737 from BerriAI/litellm_create-character-endpoint-fixes
[Feat] Add create character endpoints and other new videos Endpoints
2026-03-16 19:53:35 +05:30
Sameer Kankute ee24abe86e fix(test): skip new video character endpoints in Azure SDK initialization test
Add avideo_create_character, avideo_get_character, avideo_edit, and avideo_extension
to the skip condition since Azure video calls don't use initialize_azure_sdk_client.

Tests now properly skip with expected behavior instead of failing:
- test_ensure_initialize_azure_sdk_client_always_used[avideo_create_character] ✓
- test_ensure_initialize_azure_sdk_client_always_used[avideo_get_character] ✓
- test_ensure_initialize_azure_sdk_client_always_used[avideo_edit] ✓
- test_ensure_initialize_azure_sdk_client_always_used[avideo_extension] ✓

Made-with: Cursor
2026-03-16 19:45:57 +05:30
Sameer Kankute b796ee9f03 Merge pull request #23530 from Sameerlite/litellm_preserve-final-streaming-attributes
fix(streaming): preserve custom attributes on final stream chunk
2026-03-16 19:12:41 +05:30
Sameer Kankute 0bbdd2a249 Merge pull request #23715 from BerriAI/litellm_anthropic_beta_header_order
Refactor: Filtering beta header after transformation
2026-03-16 19:07:08 +05:30
Sameer Kankute ab377f396e Merge pull request #23718 from BerriAI/litellm_fix_vertex_ai_batch
Fix: Vertex ai Batch Output File Download Fails with 500
2026-03-16 19:05:49 +05:30
Sameer Kankute 9beec825d4 Merge branch 'main' into litellm_create-character-endpoint-fixes 2026-03-16 17:58:16 +05:30
Sameer Kankute 14a691ffd5 Add new videos transformation 2026-03-16 17:56:21 +05:30
yuneng-jiang 8f56ddb9c6 Merge remote main into litellm_ci_optimize
Resolved conflict in test_claude_agent_sdk.py by keeping main's additions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 00:50:22 -07:00
yuneng-jiang ccfe4b57d5 [Fix] Restore unconditional importlib.reload for llm_translation conftest
The xdist-conditional reload (manual reset in xdist mode) was missing
attributes that importlib.reload resets, causing Azure connection errors.
The original conftest used importlib.reload unconditionally (even under
xdist) and that worked on main. Restore that behavior.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 00:35:02 -07:00
yuneng-jiang f434cdbdce [Fix] Remove flush_cache from llm_translation conftest to prevent connection churn
The old conftest never flushed HTTP client cache. Adding flush_cache() before
every test forces new TCP connections to external APIs, causing transient
connection failures under xdist parallelism. Global state isolation is already
handled by _SCALAR_DEFAULTS reset.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 00:20:40 -07:00
yuneng-jiang acfaea9d25 [Fix] Reset api_base/api_key in xdist conftest to prevent cross-test leakage
test_rerank.py sets litellm.api_base = "http://localhost:4000" which leaked
to all subsequent tests on the same xdist worker, causing connection failures
across every provider (Cohere, Azure, OpenAI, etc.).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-15 23:55:44 -07:00
Sameer Kankute 22b333cae6 Fix downloading vertex ai files 2026-03-16 12:08:06 +05:30
yuneng-jiang 5db6aef834 [Fix] Restore xdist test isolation: capture true defaults and poll cooldowns
The revert of 9711e3adfe left xdist tests without proper state isolation.
Module-level assignments like `litellm.num_retries = 3` in 12+ test files
pollute shared globals, and the fixture was saving/restoring contaminated
values instead of resetting to true defaults.

- Capture true litellm defaults at conftest import time and reset before
  each test (local_testing + llm_translation)
- Make llm_translation/conftest.py xdist-safe (skip reload under xdist,
  add state isolation)
- Replace asyncio.sleep(2) with polling in cooldown handler tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-15 23:33:21 -07:00
Krish Dholakia ca4329aeb9 Root cause fix - migrate all logging update to use 1 function - for centralized kwarg updates (#23659)
* fix: Fixes https://github.com/BerriAI/litellm/issues/23185

* fix(responses/main.py): ensure litellm metadata custom cost works

* refactor: move all logging updates to a common function, to have just 1 place to update logging kwarg updates
2026-03-15 23:21:01 -07:00