v1.83.9-nightly

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.83.9-nightly

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.9-nightly/cosign.pub \
  ghcr.io/berriai/litellm:v1.83.9-nightly

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

What's Changed

• fix: harden CORS credentials, create_views exception handling, and spend log cleanup loop by @shreyescodes in #25559
• fix(azure/passthrough): populate standard_logging_object via logging hook by @michelligabriele in #25679
• feat(mcp): expose per-server InitializeResult.instructions from gateway by @milan-berri in #25694
• fix(caching): add Responses API params to cache key allow-list by @michelligabriele in #25673
• feat(health-check): add BACKGROUND_HEALTH_CHECK_MAX_TOKENS env var by @Sameerlite in #25344
• feat(anthropic): retry /v1/messages after invalid thinking signature by @Sameerlite in #25674
• fix(ui): delete policy attachments via controlled modal by @Lucas-Song-Dev in #25324
• fix(proxy): enforce team membership in team-scoped key management checks by @milan-berri in #25686
• [Infra] Guard main to only accept PRs from staging and hotfix branches by @yuneng-berri in #25733
• [Infra] Merge main into litellm_internal_staging by @yuneng-berri in #25747
• fix(bedrock/anthropic): accurate cache token cost breakdown in UI and SpendLogs by @ishaan-berri in #25735
• build(ui): rebuild dashboard for cache token cost breakdown changes by @ishaan-berri in #25801
• refactor(ui): reduce Tremor usage in Guardrails Monitor layout by @ryan-crabbe-berri in #25803
• bedrock api response null type handling by @ishaan-berri in #25810
• bedrock api response null type handling by @kothamah in #24147
• [Infra] Expand CI branch filters for non-main PR targets by @yuneng-berri in #25819
• [Refactor] UI - Deleted Keys/Teams: Enterprise notice banner by @yuneng-berri in #25814
• security: prevent API key leaks in error tracebacks, logs, and alerts by @stuxf in #25117
• fix(guardrails): replace custom_code sandbox with RestrictedPython by @jaydns in #25818
• [Infra] Remove unused publish_proxy_extras and prisma_schema_sync jobs from CircleCI config by @yuneng-berri in #25821
• [Infra] Merge dev branch by @yuneng-berri in #25796
• fix: make PodLockManager.release_lock atomic compare-and-delete (re-land #21226) by @joereyna in #24466
• Optimize database query to prevent OOM errors during health checks by @harish876 in #25732
• fix(logging): preserve provider response headers in StandardLoggingPayload by @ishaan-berri in #25807
• Litellm ishaan april15 by @ishaan-berri in #25813
• Litellm ishaan april15 2 by @ishaan-berri in #25828
• docs(troubleshoot): cost discrepancy debugging guide by @Sameerlite in #25622
• Litellm ishaan april14 by @ishaan-berri in #25699
• fix(proxy): harden request parameter handling by @stuxf in #25827
• fix(proxy): add shared path utilities, prevent directory traversal by @stuxf in #25834
• fix(proxy): fix virtual key projected-spend soft budget alerts by @ryan-crabbe-berri in #25838
• fix(ui): render guardrail optional_params bool defaults in Select by @ryan-crabbe-berri in #25806
• fix(ui): use antd Select for MCP ToolTestPanel bool inputs by @ryan-crabbe-berri in #25809
• fix(ui): invalidate org queries after team mutations by @ryan-crabbe-berri in #25812
• litellm oss staging 04/15/2026 by @krrish-berri-2 in #25831
• Litellm day 0 opus 4.7 support by @Sameerlite in #25867
• [Infra] Merge dev branch by @yuneng-berri in #25871
• Fix version in docs by @Sameerlite in #25875
• [Infra] Bump llm_translation_testing resource class to xlarge by @yuneng-berri in #25887
• Litellm hotfix opus 4.7 by @Sameerlite in #25876
• [Infra] Reduce llm_translation_testing parallelism and tolerate worker restarts by @yuneng-berri in #25898
• Add docs announcement bar for Trivy compromise resolution by @krrish-berri-2 in #25870
• [Test] Remove dead Bedrock clear_thinking interleaved-thinking-beta assertion by @yuneng-berri in #25913
• [Test] Mock Bedrock Moonshot tests + [Fix] TogetherAIConfig recursion by @yuneng-berri in #25920
• bump: proxy extras version 0.4.65 → 0.4.66 by @yuneng-berri in #25873
• bump: version 1.83.8 → 1.83.9 by @yuneng-berri in #25872
• [Infra] Promote Internal Staging to main by @yuneng-berri in #25924

New Contributors

• @shreyescodes made their first contribution in #25559
• @Lucas-Song-Dev made their first contribution in #25324

Full Changelog: v1.83.8-nightly...v1.83.9-nightly