v1.83.0-nightly

Verifying the Docker Image

cosign verify --insecure-ignore-tlog=true --key https://raw.githubusercontent.com/BerriAI/litellm/main/cosign.pub \  ghcr.io/berriai/litellm:v1.83.0-nightly

cosign verify --insecure-ignore-tlog=true --key https://raw.githubusercontent.com/BerriAI/litellm/main/cosign.pub \  ghcr.io/berriai/litellm:v1.83.0-nightly

Output:

Verification for ghcr.io/berriai/litellm:v1.83.0-nightly -- The following checks were performed on each of these signatures:

Verification for ghcr.io/berriai/litellm:v1.83.0-nightly -- The following checks were performed on each of these signatures:

• The cosign claims were validated
• The signatures were verified against the specified public key`

What's Changed

• ci: skip scheduled workflows on forks by @DmitriyAlergant in #24460

• fix(proxy): ignore return_to in SSO when control_plane_url is not con… by @ryan-crabbe in #24475

• Correct documentation of completion_model by @benlangfeld in #24413

• chore: migrate route_preview.tsx from Tremor to Ant Design by @ryan-crabbe in #24485

• docs: add audit log export to S3 documentation by @ryan-crabbe in #24486

• fix(security_scans.sh): pin trivvy version by @krrish-berri-2 in #24525

• docs: add security update blog post for March 2026 supply chain incident by @ryan-crabbe-berri in #24537

• docs: minor updates to security update blog post by @ishaan-berri in #24540

• ci: remove publish-migrations and reset_stable workflows by @ishaan-berri in #24541

• security: remove .claude/settings.json and block re-adding via semgrep by @ishaan-berri in #24584

• docs: remove phone numbers from readme and docs by @ishaan-berri in #24587

• Litellm ryan march 23 by @ryan-crabbe in #24490

• [Infra] Pins GitHub Action workflows to specific hashes by @yuneng-berri in #24594

• docs(opencode): add guidance for dropping reasoningSummary param by @Sameerlite in #24468

• [Infra] Pin GHA dependencies and remove unused load test files by @yuneng-berri in #24607

• Update README.md by @ishaan-berri in #24649

• [Infra] Migrate PyPI Publishing from CircleCI to GitHub Actions OIDC by @yuneng-berri in #24654

• Add zizmor to ci/cd by @krrish-berri-2 in #24663

• feat(prometheus): add metrics for managed batch lifecycle by @Sameerlite in #24691

• feat(openai): round-trip Responses API reasoning_items in chat completions by @Sameerlite in #24690

• feat(fine-tuning): fix Azure OpenAI fine-tuning job creation by @Sameerlite in #24687

• feat(gemini): add gemini-3.1-flash-live-preview to model cost map by @Sameerlite in #24665

• feat(gemini): normalize AI Studio file retrieve URL by @Sameerlite in #24662

• fix(anthropic): strip undocumented keys from metadata before sending to API by @Sameerlite in #24661

• Litellm security townhall blog by @krrish-berri-2 in #24692

• fix(proxy): sanitize user_id input and block dangerous env var keys by @Sameerlite in #24624

• feat(gemini): Lyria 3 preview models in cost map and docs by @Sameerlite in #24610

• fix(openrouter): strip routing prefix for wildcard proxy deployments by @Sameerlite in #24603

• fix(pricing): remove above_200k_tokens price tiers for claude-opus-4-6 and claude-sonnet-4-6 by @Sameerlite in #24689

• fix(team-routing): preserve sibling deployment candidates for team public models by @Sameerlite in #24688

• [Fix] Pin Prisma Node.js dependency in CI workflows by @yuneng-berri in #24696

• [Infra] Improve CodeQL scanning coverage and schedule by @yuneng-berri in #24697

• fix(proxy): enforce budget limits across multi-pod deployments via Redis-backed spend counters by @michelligabriele in #24682

• [Infra] Automated schema.prisma sync and drift detection by @yuneng-berri in #24705

• fix: add /user/bulk_update to management routes by @ryan-crabbe-berri in #24708

• fix(sso): pass decoded JWT access token to role mapping during SSO login by @ryan-crabbe-berri in #24701

• fix(auth): guard JWTHandler.is_jwt() against None token by @ryan-crabbe-berri in #24706

• fix(ui): refactor budget page to React Query hooks and fix crashes by @ryan-crabbe-berri in #24711

• fix(jwt): invalidate user cache after role/team sync updates by @ryan-crabbe-berri in #24717

• litellm ryan march 26 by @ryan-crabbe-berri in #24718

• [Infra] Isolate unit test workflows with hardened security posture by @yuneng-berri in #24740

• [Fix] Test Isolation and Path Resolution for GHA Unit Tests by @yuneng-berri in #24741

• [Infra] Add unit test workflows for Postgres, Redis, and security suites by @yuneng-berri in #24742

• Feat/prometheus org budget metrics by @J-Byron in #24449

• Bedrock: move native structured output model list to cost JSON, add Sonnet 4.6 by @ndgigliotti in #23794

• [Infra] Remove CircleCI jobs now covered by GitHub Actions by @yuneng-berri in #24754

• Litellm test cleanup by @krrish-berri-2 in #24755

• [Fix] Remove NLP_CLOUD_API_KEY requirement from test_exceptions by @yuneng-berri in #24756

• Litellm vanta announcement by @krrish-berri-2 in #24800

• adopt OpenSSF Scorecard (https://scorecard.dev/) by @krrish-berri-2 in #24792

• [Test] Mock DeepInfra completion tests to avoid real API calls by @yuneng-berri in #24805

• [Refactor] Extract helper methods in guardrail handlers to fix PLR0915 by @yuneng-berri in #24802

• [Fix] Mypy Type Errors in Responses Transformation, Spend Tracking, and PagerDuty by @yuneng-berri in #24803

• [Fix] Update gemini-2.0-flash to gemini-2.5-flash in test_gemini by @yuneng-berri in #24817

• [Fix] Router code coverage CI failure for health check filter tests by @yuneng-berri in #24812

• [Fix] WatsonX Tests Failing on CI Due to Missing Env Vars by @yuneng-berri in #24814

• [Fix] Correct kwarg name in test_user_api_key_auth tests by @yuneng-berri in #24820

• fix(responses): emit content_part.added event for non-OpenAI models by @nielei3 in #24445

• Fix returned model when batch completions is used - return picked model, not comma-separated list by @krrish-berri-2 in #24753

• [Test] Move Snowflake Mocked Tests to Unit Test Directory by @yuneng-berri in #24822

• [Fix] Use correct Redis env vars and fix Azure AD token test mocking by @yuneng-berri in #24824

• chore: fixes by @jaydns in #24823

• test: use dynamic db by @krrish-berri-2 in #24827

• [Fix] Failure callbacks silently skipped when customLogger not initialized by @yuneng-berri in #24826

• bump: litellm-proxy-extras 0.4.61 → 0.4.62 for schema changes by @krrish-berri-2 in #24828

• [Security] - Pin axios=1.13.6 by @ishaan-berri in #24829

• [Test] Move test_add_and_delete_model to Mock Test by @yuneng-berri in #24837

• [Infra] Bump Version to 1.83.0 by @yuneng-berri in #24840

New Contributors

• @benlangfeld made their first contribution in #24413

• @J-Byron made their first contribution in #24449

• @jaydns made their first contribution in #24823

Full Changelog: v1.82.6.dev2...v1.83.0-nightly