Commit Graph
30 Commits
Author SHA1 Message Date
ishaan-berriandGitHub 231c430200 fix: scope CLI stored token to base_url to prevent cross-domain credential leakage (#26945)
* fix: add expected_base_url origin check to get_litellm_gateway_api_key

* fix: scope get_stored_api_key and save base_url on login

* fix: pass base_url to get_stored_api_key in CLI entrypoint

* fix: scope ProxyClient stored key to base_url

* test: add expected_base_url coverage for get_stored_api_key

* fix: initialize self.http with resolved api_key not raw param

* fix: black formatting in client.py and test_auth_commands.py
2026-05-01 12:11:32 -07:00
user 88d8a80761 tighten cli sso session flow 2026-04-29 17:13:25 -07:00
Ishaan Jaffer e8461b5b97 style: run black formatter on files from main merge 2026-04-17 13:02:59 -07:00
a6c30b30bf build: migrate packaging, CI, and Docker from Poetry to uv (#25007)
* build: migrate packaging metadata to uv

* ci: move automation and local tooling to uv

* docker: migrate image builds and runtime setup to uv

* docs: update install and deployment guidance for uv

* chore: align auxiliary scripts and tests with uv

* test: harden test_litellm isolation

* fix: keep release and health check images self-contained

* build: pin uv tooling and health check deps

* test: isolate bedrock image request formatting from suite state

* test: cover sandbox executor requirements flow

* ci: fix circleci no-op command steps

* ci: fix circleci publish workflow parsing

* fix: stabilize remaining uv migration CI checks

* ci: increase matrix test timeout headroom

* fix: restore published docker and license coverage

* fix: restore proxy runtime build parity

* fix: restore proxy extras parity and venv migrations

* ci: persist uv path across circleci steps

* fix: keep psycopg binary in default test env

* docker: preserve prisma cache across stages

* test: run local proxy checks through uv python

* build: restore runtime deps moved into ci

* build: refresh uv lock after upstream merge

* fix: restore module import in test_check_migration after merge

The conflict resolution imported only the function but the test body
references check_migration as a module throughout.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: revert dependency promotions, remove nodejs-wheel-binaries, fix Docker layer caching

- Move google-generativeai, Pillow, tenacity back to ci group (they are
  lazily imported and bloat the base SDK install needlessly)
- Remove nodejs-wheel-binaries from extra_proxy and proxy-dev (redundant
  in Docker where system Node.js is already installed via apk)
- Remove all nodejs-wheel node replacement and venv npm patching blocks
  from Dockerfiles since the wheel is no longer installed
- Add --no-default-groups to CodSpeed benchmark workflow so the benchmark
  environment matches the old minimal pip install footprint
- Apply standard uv two-phase Docker pattern: copy metadata first, install
  deps (cached layer), then copy source and install project
- Replace CircleCI enterprise no-op with proper uv sync command

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* chore: regenerate uv.lock after removing nodejs-wheel-binaries

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(ci): use cache/restore instead of cache to prevent cache poisoning

The old workflow used actions/cache/restore (read-only). The uv migration
changed it to actions/cache (read-write), which zizmor flags as a cache
poisoning risk. Restore the safer read-only variant.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(ci): disable setup-uv built-in cache to silence cache-poisoning alert

The setup-uv action enables caching by default, which zizmor flags as a
cache poisoning risk. Disable it since we already use a read-only
cache/restore step.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(ci): disable setup-uv cache in publish workflow

Silences zizmor cache-poisoning alert. Publishing workflow runs
infrequently on protected branches so caching adds no real benefit.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(test): remove duplicate verbose_logger mock in test_check_migration

The logger was patched twice — first via mocker.patch() then via
mocker.patch.object(autospec=True). The second call fails because
autospec cannot inspect an already-mocked attribute. Remove the
redundant first patch.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(ci): free disk space before Docker build in test-server-root-path

The Dockerfile.non_root build ran out of disk on the CI runner. Remove
Android SDK, .NET, Boost, and GHC toolchains (~12GB) to free space.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 11:46:23 -07:00
saisurya237andGitHub f3ead2c153 add a new feature fix to expose the team alias when authenticating th… (#17725)
* CLI SSO: show team aliases in team selection

* temp poetry lock fix

* add poetry.lock to gitignore

* Revert proxy_server background job refactor

* Revert proxy_server background job refactor

* rever gitignore and poetry lock file
2025-12-10 10:10:28 -08:00
yuneng-jiang 879ae45421 Change credential encryption to only affect db credentials 2025-12-09 13:36:40 -08:00
Ishaan JaffandGitHub bdb1e16dcf [Feat] AI Gateway Auth - Allow using JWTs for signing in with Proxy CLI (#16756)
* fix auth

* get_cli_jwt_auth_token

* fix linting

* test fixes

* docs

* test fixes

* fix refactor
2025-11-17 19:47:29 -08:00
Ishaan Jaffer 8a9fe7b056 fix delete callbacks 2025-11-06 17:06:34 -08:00
Ishaan Jaffer 539d10f9cb test fix 2025-09-26 11:06:26 -07:00
Ishaan JaffandGitHub f4ecf3ca72 [Feat] Fixes for LiteLLM Proxy CLI to Auth to Gateway (#14836)
* fix: error msg from updating key

* fix _create_new_cli_key

* fix validate_key_team_change

* fix interface for chat

* ruff fix

* fix auth for keys

* get_litellm_gateway_api_key

* fix chat

* test fix

* linting fix

* fix mypy

* test_validate_key_team_change_with_member_permissions
2025-09-23 19:43:32 -07:00
Ishaan Jaffer aaebd83f31 test fixes 2025-09-23 16:07:01 -07:00
Ishaan JaffandGitHub fa20abfe48 [Feat] Proxy CLI Auth - Allow re-using cli auth token (#14780)
* fix: cli auth with SSO okta

* fix: add LITTELM_CLI_SERVICE_ACCOUNT_NAME

* fix: get_litellm_cli_user_api_key_auth

* use existing_key CLI

* fix: use existing key

* test auth commands

* test_cli_sso_callback_regenerate_vs_create_flow
2025-09-22 10:07:16 -07:00
Daniel BarkerandGitHub 47edecd5bc Fixed incorrect key info endpoint (#13633) 2025-08-15 11:10:06 -07:00
Marc AbramowitzandGitHub 40ccd2b70f Add "keys import" command to CLI (#12620)
* Add "keys import" command to CLI

E.g.:

```
litellm-proxy keys import \
  --source-base-url=https://old-litellm.company.com \
  --source-api-key=$LITELLM_KEY \
  --dry-run
```

* Add --created-since option

* Add tests

* Fix lint errors

* Fix lint issues

* Fix lint errors

* Fix response.raise_for_status not being a thing

* Fix a mypy error
2025-07-15 20:14:43 -07:00
Ishaan Jaff 0835011388 test fix creds test 2025-07-03 22:01:52 -07:00
Ishaan Jaff 9c8619ed10 test fix 2025-07-03 21:16:26 -07:00
Ishaan Jaff 81d96b9ffe fix test models 2025-07-03 21:16:26 -07:00
Ishaan Jaff bffe5bec7d test fix cli credentials 2025-07-03 21:08:35 -07:00
Ishaan Jaff e03686de5f tests fix use correct import responses 2025-07-03 21:06:31 -07:00
Ishaan JaffandGitHub 4293dd2c2a test: stabilize credentials CLI patch (#12305) 2025-07-03 18:09:32 -07:00
Ishaan JaffandGitHub 3ad6b36ffc test: patch CredentialsManagementClient in CLI (#12304) 2025-07-03 17:01:50 -07:00
Ishaan Jaff 782ba9f5a0 sys.path.insert for cli tests 2025-07-03 15:58:49 -07:00
Ishaan Jaff 96d5f891df fix test 2025-07-03 11:18:41 -07:00
Ishaan Jaff ba5af3e44b fix keys delete 2025-07-03 11:18:10 -07:00
Ishaan Jaff c3909d6f50 test_keys_delete_error_handling 2025-07-03 10:04:59 -07:00
dcieslak19973andGitHub d480cea8b0 Add azure_ai cohere rerank v3.5 (#12283)
* Add azure_ai cohere rerank v3.5

* Fix CI error
2025-07-03 10:01:45 -07:00
Ishaan Jaff 282ce1a859 test - fix delete keys 2025-07-02 22:23:10 -07:00
Ishaan JaffandGitHub a6527e5010 [Feat] Add litellm-proxy cli login for starting to use litellm proxy (#12216)
* add handlers for auth commands

* add login, logout, whoami

* refactor auth

* add CLI Authentication Flow

* add SSO sign in constants

* add itellm-session-token

* fixes for managing state with cli

* use locally stored context for cli session

* add litellm banner + interactive shell

* update main.py

* update auth to show commands

* fix ui sso render

* add TestCLISSOCallbackFunction

* update banner.py

* remove file

* fix cli sso success

* TestTokenUtilities

* fix code qa

* fix execute_command

* fix cli_sso_callback

* fix import

* Authentication using CLI
2025-07-01 18:11:19 -07:00
Cole McIntoshandGitHub abe364c2bc Fix: Ensure exception is not None before checking its string representation (#12209)
The test_keys_delete_error_handling test was failing with:
- ConnectionError when the mock wasn't properly applied
- The test was checking str(result.exception) without first verifying exception exists

This fix adds an explicit check that result.exception is not None before
attempting to convert it to string, preventing potential AttributeError
and making the test more robust.
2025-07-01 12:30:31 -07:00
Krish DholakiaandGitHub ef42461c1e Litellm fix GitHub action testing (#11163)
* test: add __init__.py files

* refactor: rename test folder to avoid naming conflict

* test: update workflows

* test: update tests

* test: update imports

* test: update tests

* test: remove unused import

* ci(test-litellm.yml): add pytest retry to github workflow

* test: fix test
2025-05-26 14:41:42 -07:00