v1.83.6-nightly

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.83.6-nightly

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.6-nightly/cosign.pub \
  ghcr.io/berriai/litellm:v1.83.6-nightly

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

What's Changed

• Litellm docs 1 83 3 by @ishaan-berri in #25166
• [Nit] Small docs fix, fixing img + folder name by @ishaan-berri in #25171
• docs: week 1 checklist by @mubashir1osmani in #25083
• [Docs] Add cosign Docker image verification steps to security blog posts by @yuneng-berri in #25122
• [Infra] Remove flaky proxy_e2e_azure_batches_tests CI workflow by @yuneng-berri in #25247
• [Docs] Enforce Black Formatting in Contributor Docs by @yuneng-berri in #25135
• [Infra] Remove Redundant Matrix Unit Test Workflow by @yuneng-berri in #25251
• feat: add POST /team/permissions_bulk_update endpoint by @ryan-crabbe-berri in #25239
• fix: batch-limit stale managed object cleanup to prevent 300K row UPD… by @ishaan-berri in #25258
• bump litellm-enterprise to 0.1.37 by @ishaan-berri in #25265
• bump litellm version to 1.83.4 by @ishaan-berri in #25266
• Litellm aws gov cloud mode support by @shivamrawat1 in #25254
• [Fix] Update check_responses_cost tests for _expire_stale_rows by @yuneng-berri in #25299
• [Test] UI - E2E: Add Playwright tests with local PostgreSQL by @yuneng-berri in #25126
• [Fix] Dockerfile.non_root: handle missing .npmrc gracefully by @yuneng-berri in #25307
• fix(auth): allow JWT override OAuth2 routing without global OAuth2 enablement by @milan-berri in #25252
• [Infra] Pin cosign.pub verification to initial commit hash by @yuneng-berri in #25273
• [Refactor] Align /v2/key/info response handling with v1 by @yuneng-berri in #25313
• Fix node-gyp symlink path after npm upgrade in Dockerfile by @joereyna in #25048
• [Infra] Bump version 1.83.4 → 1.83.5 by @yuneng-berri in #25316
• fix(mcp): block arbitrary command execution via stdio transport by @Sameerlite in #25343
• [Infra] Migrate Redis caching tests from GHA to CircleCI by @yuneng-berri in #25354
• [Feature] UI E2E Tests: Proxy Admin Team and Key Management by @yuneng-berri in #25365
• Add Ramp as a built-in success callback by @kedarthakkar in #23769
• fix(router): tag-based routing broken when encrypted_content_affinity is enabled by @Sameerlite in #25347
• feat(triton): add embedding usage estimation for self-hosted responses by @Sameerlite in #25345
• fix(router): pass custom_llm_provider to get_llm_provider for unprefixed model names by @Sameerlite in #25334
• Litellm oss staging 04 02 2026 p1 by @krrish-berri-2 in #25055
• feat(cost): add baseten model api pricing entries by @Sameerlite in #25358
• feat(proxy): add credential overrides per team/project via model_config metadata by @michelligabriele in #24438
• docs: add Docker Image Security Guide (cosign verification & deployment best practices) by @krrish-berri-2 in #25439
• fix(test): mock headers in test_completion_fine_tuned_model by @joereyna in #25444
• feat(mcp): add per-user OAuth token storage for interactive MCP flows by @csoni-cweave in #25441
• [Fix] UI: improve storage handling and Dockerfile consistency by @yuneng-berri in #25384
• fix(responses-ws): append ?model= to backend WebSocket URL by @joereyna in #25437
• [Docs] Add missing MCP per-user token env vars to config_settings by @yuneng-berri in #25471
• [Test] UI - Unit tests: raise global vitest timeout and remove per-test overrides by @yuneng-berri in #25468
• refactor: consolidate route auth for UI and API tokens by @ryan-crabbe-berri in #25473
• [Fix] Responses WebSocket Duplicate Keyword Argument Error by @yuneng-berri in #25513
• fix(bedrock): avoid double-counting cache tokens in Anthropic Messages streaming usage by @Sameerlite in #25517
• bump: version 1.83.5 → 1.83.6 by @yuneng-berri in #25528

New Contributors

• @kedarthakkar made their first contribution in #23769
• @csoni-cweave made their first contribution in #25441

Full Changelog: v1.83.3.rc.1...v1.83.6-nightly