Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \ ghcr.io/berriai/litellm:v1.83.11-nightly
Verify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/v1.83.11-nightly/cosign.pub \ ghcr.io/berriai/litellm:v1.83.11-nightly
Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- feat(proxy): add --reload flag for uvicorn hot reload (dev only) by @ryan-crabbe-berri in #25901
- Feature/add audio support for scaleway by @nhyy244 in #26110
- Prompt Compression - add it to the proxy by @krrish-berri-2 in #25729
- Add supported providers to prompt caching doc by @Michael-RZ-Berri in #26124
- fix: /health/readiness 503 loop when DB is unreachable by @ishaan-berri in #26134
- [Fix] Apply black formatting to fix CI lint failures by @yuneng-berri in #26140
- Litellm krrish staging 04 20 2026 by @krrish-berri-2 in #26138
- chore: update retired claude-3-haiku-20240307 to claude-haiku-4-5-20251001 by @ryan-crabbe-berri in #26139
- [Fix] CI - auth_ui_unit_tests: use Postgres sidecar instead of shared DB by @yuneng-berri in #26141
- [Infra] Streamline Dockerfile.non_root build time by @yuneng-berri in #26055
- [Fix] MCP broker OAuth endpoint access controls by @yuneng-berri in #26142
- [Fix] CI: e2e_ui_testing tests stale bundle on Ubuntu (cp -r merge semantics) by @yuneng-berri in #26047
- [Fix] Align user and org budget spend checks with atomic counter pattern by @yuneng-berri in #26182
- [Infra] CI: speed up proxy unit tests and split proxy-utils into its own matrix entry by @yuneng-berri in #26150
- fix(bedrock): allowlist Bedrock Invoke body fields and filter all anthropic-beta values by @mateo-berri in #26148
- [Infra] Add freshness and destructive guards to migration workflow by @yuneng-berri in #26185
- fix(logging): add litellm_call_id to StandardLoggingPayload and OTel span by @ishaan-berri in #26133
- feat(bedrock): add support for bedrock-mantle endpoint (Claude Mythos Preview) by @ishaan-berri in #26196
- [Infra] Merge dev branch by @yuneng-berri in #26197
- [Feature] Proxy: opt-in v2 migration resolver by @yuneng-berri in #26194
- fix(bedrock_guardrails): use Bedrock OUTPUT source for apply_guardrail when scanning model responses by @shivamrawat1 in #26144
- [Infra] Bump version by @yuneng-berri in #26209
- Litellm individual team member budgets by @shivamrawat1 in #26208
- [Infra] Promote internal staging to main by @yuneng-berri in #26211
New Contributors
- @nhyy244 made their first contribution in #26110
- @Michael-RZ-Berri made their first contribution in #26124
- @mateo-berri made their first contribution in #26148
Full Changelog: v1.83.10-nightly...v1.83.11-nightly
