Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \ ghcr.io/berriai/litellm:v1.82.3-stable.patch.3
Verify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/v1.82.3-stable.patch.3/cosign.pub \ ghcr.io/berriai/litellm:v1.82.3-stable.patch.3
Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- feat(ui): add per-model rate limits to team edit/info views by @ryan-crabbe-berri
- feat(ui): expose Azure Entra ID credential fields in provider form by @ryan-crabbe-berri
- feat(triton): add embedding usage tracking fallback by @yuneng-berri
- fix(ui): wire team_id filter to key alias dropdown on Virtual Keys tab by @ryan-crabbe-berri
- fix(ui): add paginated team search to usage page filter by @ryan-crabbe-berri
- fix(ui): require TPM or RPM when adding a per-model team rate limit by @ryan-crabbe-berri
- fix(ui): add useInfiniteTeams hook needed by team_multi_select by @ryan-crabbe-berri
- fix(ui): logs guardrail mode type crash on non-string values by @yuneng-berri
- refactor(proxy): extract _apply_non_admin_alias_scope to fix PLR0915 by @ryan-crabbe-berri
- fix(docker): backport non-root Dockerfile build fixes from main by @yuneng-berri
Full Changelog: v1.82.3-stable.patch.2...v1.82.3-stable.patch.3
