Commit Graph

33610 Commits

Author SHA1 Message Date
Sameer Kankute f68cbc4c95 Fix test_perform_health_check_filters_by_model_id 2026-02-26 10:43:05 +05:30
Sameer Kankute 3326893420 Fix mypy issues 2026-02-26 10:42:01 +05:30
Sameer Kankute f78104d34c Merge pull request #22114 from cu-aaii/2026-02-25-azure-openai-updates
New Azure OpenAI Models 2026-02-25
2026-02-26 08:02:47 +05:30
Krish Dholakia c2c8870d2d Add claims agent guardrails (5 categories + policy template) (#22113)
* Add claims agent guardrails with 243-case eval dataset

5 new category guardrails for healthcare claims agent chatbots:
- claims_fraud_coaching: fraud coaching, exaggeration, document forgery
- claims_phi_disclosure: unauthorized PHI access, bulk data extraction
- claims_prior_auth_gaming: code manipulation, medical necessity misrepresentation
- claims_system_override: system injection, rule bypass, role impersonation
- claims_medical_advice: medical advice (claims-context-aware)

Plus claims_agent_safety.yaml policy template combining all 5.

All 5 eval suites pass at 100% precision/recall/F1 (243 test cases).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Add claims agent chatbot safety policy template

Combines the 5 claims guardrails into a single deployable policy template:
fraud coaching, PHI disclosure, prior-auth gaming, system override, and medical advice.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Add guardrail benchmark results and UI compliance prompts

Adds benchmark results for claims, discrimination, and content filter guardrails.
Updates UI compliance prompt data.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Remove duplicate "file an appeal" exception in claims_prior_auth_gaming.yaml

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Remove unused claims_agent_safety.yaml policy template

The claims-agent-safety template in policy_templates.json references
individual category files in categories/, not this combined file.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 18:09:38 -08:00
Steve G 9806e21871 Add Lakera v2 post-call hook and tests (fixed PII masking) (#21783)
* Add post-call hook for Lakera guardrail and mask PII in responses

* Add post-call hook for Lakera and mask PII in responses

* Fix post-call hook: pass event_type to call_v2_guard

* Address Greptile review: return ModelResponse, fix mutation, add header, test location, mask order

- PII masking path: return ModelResponse instead of dict so deployment hook accepts it
- Avoid mutating request data: deep copy original_messages and messages in _mask_pii_in_messages
- Add guardrail header in PII-only return path
- Add test in tests/test_litellm/ (test_lakera_ai_v2.py) per PR checklist
- Sort PII payload spans by (start,end) descending so multiple spans in one message mask correctly

Co-authored-by: Cursor <cursoragent@cursor.com>

* Updated ponteital for index mismatch when choices have null content and inconsistent on_flagged access pattern

* Update litellm/proxy/guardrails/guardrail_hooks/lakera_ai_v2.py

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* Update to explicitly state supported endpoints - chat completions

* Fix minor lint error on masked_entity_count

---------

Co-authored-by: Steve <steve.giguere@lakera.ai>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-02-25 17:20:38 -08:00
yuneng-jiang 88bf8de3cf Merge pull request #22119 from BerriAI/litellm_ui_mcp_auth_non_req
[Fix] UI - MCP Servers: Make auth value optional for create flow
2026-02-25 16:48:08 -08:00
yuneng-jiang 6ac3ed6b4e Merge pull request #22122 from BerriAI/litellm_ui_spend_logs_duration
[Feature] UI - Logs: Use backend request_duration_ms and make Duration sortable
2026-02-25 16:47:22 -08:00
Krish Dholakia 4b9aba8fac feat: add UI banner warning for detailed debug mode (#21527)
Add a prominent warning banner to the UI dashboard when detailed debug
mode (LITELLM_LOG=DEBUG) is enabled. This alerts users to significant
performance degradation caused by extensive diagnostic logging.

Backend changes:
- Enhanced /health/readiness endpoint to include log_level and
  is_detailed_debug fields
- Added detection using verbose_logger.getEffectiveLevel()
- Backward compatible - old clients ignore new fields

Frontend changes:
- Updated useHealthReadiness TypeScript interface
- Created DebugWarningBanner component using Ant Design Alert
- Integrated banner into dashboard layout below navbar
- Banner only shows when DEBUG level is active
- Non-dismissible to ensure users are aware of performance impact

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 16:32:59 -08:00
Ishaan Jaff adba088df2 Realtime API: spend log storage, playground UI, tools logging, and guardrail support (#22105)
Backend - Spend Log Storage for Realtime Calls:
- Collect user voice transcripts and text input during WebSocket sessions
- Store collected messages in spend logs when store_prompts_in_spend_logs enabled
- Capture tool definitions from session.update and tool calls from response.done
- Enrich proxy_server_request with tools and response with tool_calls for UI

Backend - WebSocket Auth:
- Support browser-based auth via Sec-WebSocket-Protocol subprotocol
- Echo back subprotocol on WebSocket accept

UI - Realtime Playground:
- New RealtimePlayground component with WebSocket voice+text chat
- Mic recording (PCM16 24kHz), server VAD, audio playback, text input
- Handle binary WebSocket frames (Blob/ArrayBuffer decoding)
- Add /v1/realtime endpoint option to playground endpoint selector

UI - Tools Section for Realtime Logs:
- Extract tool calls from realtime response format (response.tool_calls
  and response.results[].response.output[].type=function_call)

Tests:
- 15 new backend tests for realtime streaming and spend log storage
- 4 new UI tests for realtime tool call extraction

Fixes pre-existing build errors:
- ToolPolicies.tsx: duplicate import, antd styles type
- create_key_button.tsx: missing message import

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>
2026-02-25 14:55:27 -08:00
Ishaan Jaff cc85fe5921 Proxy request tags docs (#22129)
* docs: document x-litellm-tags header and request body tags parameter

- Add documentation for x-litellm-tags header (comma-separated or array)
- Add documentation for tags in request body
- Clarify that dynamic tags override config tags

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* docs: consolidate tag documentation and improve cross-references

- Make request_tags.md the single source of truth for all tag options
- Add cross-reference from cost_tracking.md to request_tags.md
- Document both direct tags and metadata.tags formats
- Add key/team tag setup and custom header tracking to request_tags.md
- Reduce duplication and make navigation clearer

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* docs: use generic examples instead of specific company names

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* docs: clarify x-litellm-tags header format is comma-separated string

HTTP headers are always strings, not arrays. Remove misleading
array format documentation for the header parameter.

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* Update docs/my-website/docs/proxy/request_tags.md

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

---------

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2026-02-25 14:29:00 -08:00
Julio Quinteros Pro 54e4af84d6 fix(auth): remove hardcoded base64 string flagged by secret scanner (#22125)
Replace literal Base64-encoded example value in docstring with a
placeholder to prevent GitGuardian/ggshield from flagging it as a
leaked Basic Authentication credential in container scans.

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 14:18:36 -08:00
yuneng-jiang 743b8fd307 reverting experimental out 2026-02-25 12:27:44 -08:00
yuneng-jiang 5140062c09 [Feature] UI - Logs: Use backend request_duration_ms and make Duration sortable
Use the backend-provided request_duration_ms field instead of computing
duration client-side from startTime/endTime. Add sort support for the
Duration column, which sends sortBy=request_duration_ms to the API.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-02-25 12:24:11 -08:00
ryan-crabbe b9dd36c14b Merge pull request #22028 from BerriAI/litellm_batch_update_database_tasks
perf(proxy): batch 11 create_task() calls into 1 in update_database()
2026-02-25 12:16:58 -08:00
Ryan Crabbe 1c1b9cda42 merge: resolve conflict with origin/main in test_db_spend_update_writer.py
Keep both batch update tests (from this branch) and pipeline test (from main).
2026-02-25 12:15:53 -08:00
Ryan Crabbe e1e05d27f8 Merge remote-tracking branch 'origin/main' into litellm_batch_update_database_tasks 2026-02-25 12:12:10 -08:00
ryan-crabbe 9857643eb4 Merge pull request #22044 from ryan-crabbe/litellm_redis_pipeline_spend_updates
Litellm redis pipeline spend updates
2026-02-25 12:11:09 -08:00
github-actions[bot] 6e10428e00 chore: regenerate poetry.lock to match pyproject.toml (#22120)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-25 20:10:37 +00:00
yuneng-jiang 243a207b1e Merge pull request #22066 from BerriAI/litellm_spend_log_duration
[Feature] Add request_duration_ms to SpendLogs
2026-02-25 12:09:31 -08:00
yuneng-jiang db05a5f025 adding build artifacts 2026-02-25 12:08:41 -08:00
yuneng-jiang 1132176289 bump: version 0.4.47 → 0.4.48 2026-02-25 12:08:15 -08:00
yuneng-jiang 9d6f02e8b7 Merge remote-tracking branch 'origin' into litellm_spend_log_duration 2026-02-25 12:06:19 -08:00
yuneng-jiang a4fd75fd31 [Fix] UI - MCP Servers: Make auth value optional for create flow
The backend validator and frontend form both enforced auth_value as
required when auth_type is api_key, bearer_token, or basic. Users who
want to provide auth dynamically (via per-request headers or OAuth2
flows) could not skip the field.

- Remove required validation from auth_value in create_mcp_server.tsx
  (keep whitespace-only rejection, matching the edit flow)
- Remove validate_credentials_requirements in NewMCPServerRequest
  (all downstream code already treats auth_value as optional)
- Add tests for the create MCP server component

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-02-25 12:04:00 -08:00
Krish Dholakia 12c4876891 Agents - assign tools (#22064)
* feat(proxy): add max_iterations limiter for agent session loops (#22058)

Adds a new proxy hook that enforces a per-session cap on the number of
LLM calls an agentic loop can make. Callers send a session_id with each
request, and the hook counts calls per session, returning 429 when the
configured max_iterations limit is exceeded.

- Uses Redis Lua script for atomic increment (multi-instance safe)
- Falls back to in-memory cache when Redis unavailable
- Follows parallel_request_limiter_v3 pattern
- Configurable via key metadata: {"max_iterations": 25}
- Session counters auto-expire via TTL (default 1hr)

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add new code execution dataset

* feat(agent_endpoints/): allow giving agents keys

* fix: ui fixes

* feat: allow assigning mcp servers to agents

* fix: eliminate duplicate DB queries in MCP agent auth and N+1 in agent listing (#22110)

- Extract _get_agent_object_permission helper so _get_allowed_mcp_servers_for_agent
  and _get_agent_tool_permissions_for_server share a single DB fetch instead of
  each independently querying the same agent row (was 1+N queries per MCP request)
- Use include={"object_permission": True} on find_many in get_all_agents_from_db
  to eagerly load permissions in one query instead of N+1
- Use include={"object_permission": True} on create/update/find_unique in all
  agent CRUD operations, removing attach_object_permission_to_dict follow-up calls

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 11:44:30 -08:00
yuneng-jiang a4baa022c5 Merge pull request #22116 from BerriAI/ui_build_fix_feb25
[Infra] Ui Build and Test Fixes
2026-02-25 11:31:45 -08:00
yuneng-jiang 30e8151288 fixing build and tests 2026-02-25 11:30:09 -08:00
yuneng-jiang edd00c025c Merge pull request #22112 from BerriAI/litellm_credential_tag_docs
[Docs] Credential Usage Tracking
2026-02-25 10:55:52 -08:00
yuneng-jiang 7daeaf8106 [Docs] Add Credential Usage Tracking documentation
Add new document explaining automatic credential usage tracking and tagging. When models use reusable credentials, LiteLLM automatically injects a Credential: <name> tag on requests, enabling credential-level spend tracking on the Usage page with no additional configuration.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-02-25 10:52:24 -08:00
yuneng-jiang b9d3fdf93e Merge remote-tracking branch 'origin' into ui_build_fix_feb25 2026-02-25 10:51:50 -08:00
yuneng-jiang cd41b49061 fixing build 2026-02-25 10:51:42 -08:00
yuneng-jiang 243771f99a Merge pull request #22108 from BerriAI/litellm_pricing_calc_tests
[Test] UI - Pricing Calculator: Add comprehensive unit tests
2026-02-25 10:51:12 -08:00
Krish Dholakia 5662228e20 feat(ui): add user filtering to usage page (#22059)
* feat(ui): add user filtering to usage page

Adds "User Usage" as a new view option in the usage page dropdown,
allowing admins to view and filter usage data by individual users
via the existing /user/daily/activity backend endpoint.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat(ui/): working usage filtering

* fix(ui): use single-select for user filter and add tests

The user entity type's backend endpoint only accepts a single user_id,
so the filter now uses single-select mode instead of multi-select.
Added tests for the new user entity type in EntityUsage and
UsageViewSelect. Updated CLAUDE.md and AGENTS.md with guidance on
UI/backend contract consistency and test coverage for new entity types.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* revert: remove unintended package-lock.json changes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* revert: restore package-lock.json to merge base state

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 10:37:45 -08:00
Marty Sullivan 0d94ea6ae1 add new azure models 2026-02-25 13:31:45 -05:00
yuneng-jiang a38993b871 Merge pull request #22107 from BerriAI/litellm_fix_ui_duplicate_import_v2
fix(ui): remove duplicate antd import in ToolPolicies
2026-02-25 10:25:56 -08:00
yuneng-jiang 6ae7e84a0b [Test] UI - Pricing Calculator: Add comprehensive unit tests
Added unit tests for all pricing calculator components with 64 passing tests across 5 test files:
- multi_export_utils.test.ts (16 tests for PDF/CSV export functions)
- use_multi_cost_estimate.test.ts (15 tests for cost estimation hook)
- multi_export_dropdown.test.tsx (8 tests for export dropdown component)
- multi_cost_results.test.tsx (15 tests for results display and UI states)
- index.test.tsx (10 tests for main calculator component)

Also fixed missing page description for tool-policies page in page_metadata.ts.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-02-25 10:25:25 -08:00
Shin 115b9a2d29 fix(ui): remove duplicate antd import in ToolPolicies
Duplicate import was causing UI build to fail:
- Line 4: import { Select, Switch, Tooltip } from 'antd'
- Line 5: import { Select, Tooltip } from 'antd' (duplicate)

Removed the duplicate line 5.
2026-02-25 18:09:17 +00:00
Sameer Kankute 47c24ef8ae Merge pull request #22094 from BerriAI/litellm_bump_openai_25_02
[chore] bump OpenAI package version
2026-02-25 18:46:10 +05:30
Sameer Kankute 05165779ac Merge pull request #22081 from BerriAI/litellm_fix_bedrock_batch_health_check
Fix: Test connect failing for bedrock batches mode
2026-02-25 18:46:01 +05:30
Sameer Kankute ebe35aad9a Merge pull request #22080 from BerriAI/litellm_vllm_response_fix
Fix None (TypeError: 'NoneType' object is not a mapping)
2026-02-25 18:45:54 +05:30
Sameer Kankute ec3ae25a3a Merge pull request #22070 from BerriAI/litellm_forward_auth_headers
[Feat]Add forward auth headers of provider
2026-02-25 18:45:38 +05:30
Harshit Jain fbffa9a215 Merge pull request #22095 from Harshit28j/litellm_fix_RCE_issues
fix Unauthenticated RCE and Sandbox Escape in Custom Code Guardrail
2026-02-25 18:23:04 +05:30
Harshit28j c3e32b450e Address CR feedback: fix auth dependency duplication, correct logger wording, clean imports 2026-02-25 18:02:12 +05:30
Harshit28j e50b4486d0 fix Unauthenticated RCE and Sandbox Escape in Custom Code Guardrail 2026-02-25 17:57:32 +05:30
Sameer Kankute ec9ec6b771 remove comment 2026-02-25 17:40:46 +05:30
Sameer Kankute 955b85015f Bump openai package 2026-02-25 17:40:41 +05:30
Harshit Jain d2aeb3e513 Merge pull request #22084 from Harshit28j/litellm_presidio-non-json-response-handling
fix(guardrails): prevent presidio crash on non-json responses
2026-02-25 16:37:39 +05:30
Harshit28j 6a8052295b fix(guardrails): prevent presidio crash on non-json responses 2026-02-25 16:11:24 +05:30
Harshit Jain 66c49dbb9c Merge pull request #22077 from Harshit28j/litellm_gemini_trace_id_missingv2
Litellm gemini trace id missingv2
2026-02-25 15:09:42 +05:30
Sameer Kankute 61f9222156 Fix: Test connect failing for bedrock batches mode 2026-02-25 15:03:27 +05:30
Sameer Kankute 45c87a714e Fix None (TypeError: 'NoneType' object is not a mapping) 2026-02-25 14:39:12 +05:30