Verify Docker Image Signature
All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.
Verify using the pinned commit hash (recommended):
A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:
cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \ ghcr.io/berriai/litellm:1.84.0-dev.2
Verify using the release tag (convenience):
Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:
cosign verify \ --key https://raw.githubusercontent.com/BerriAI/litellm/1.84.0-dev.2/cosign.pub \ ghcr.io/berriai/litellm:1.84.0-dev.2
Expected output:
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
What's Changed
- merge main by @Sameerlite in #25521
- merge litellm_internal_staging by @Sameerlite in #25949
- merge main by @Sameerlite in #26304
- merge main by @Sameerlite in #26379
- merge main by @Sameerlite in #26437
- ci(release): accept PEP 440 tag forms in create-release workflow by @yuneng-berri in #26734
- [Feat] Add gpt-image-2 support (#26644) by @ishaan-berri in #26705
- feat(provider): add AIHubMix as an OpenAI-compatible provider by @xinrui-z in #24294
- merge internal staging by @Sameerlite in #26737
- merge main by @Sameerlite in #26742
- merge mian by @Sameerlite in #26745
- fix(test): scope ERROR log assertion to LiteLLM logger in test_model_alias_map by @mateo-berri in #26741
- merge main by @Sameerlite in #26757
- fix(bedrock, anthropic): translate OpenAI file content on tool-result path by @minznerjosh in #26710
- remove /ui/chat page by @ishaan-berri in #26739
- fix: add optional TCP SO_KEEPALIVE support to aiohttp's TCPConnector by @yassinkortam in #26730
- feat(proxy): LiteLLM headers on Google native generateContent routes by @Sameerlite in #25500
- feat(vector-stores): support Bedrock retrievalConfiguration passthrough by @Sameerlite in #26685
- feat(mcp): opt-in short-ID tool prefix to keep MCP tool names under the 60-char limit by @mateo-berri in #26733
- fix(proxy): self-heal Prisma read paths + harden reconnect state machine by @yuneng-berri in #26756
- [Fix] Redact spend logs error message by @Michael-RZ-Berri in #26662
- [Feat]Add support for azure entra discovery endpoint by @Sameerlite in #26584
- [Fix] Proxy: reconnect Prisma DB without blocking the event loop by @yuneng-berri in #26225
- feat(proxy): durable agent workflow run tracking via /v1/workflows/runs by @ishaan-berri in #26793
- chore(auth): tighten clientside api_base handling by @stuxf in #26518
- fix: drop sensitive locals from re-raised error messages by @ryan-crabbe-berri in #26823
- test(vertex-batches): set is_redirect=False on mocked retrieve response by @yuneng-berri in #26844
- chore(vector-stores): redact credentials in list/info/update responses; gate update by per-store access by @stuxf in #26489
- chore(auth): substitute alias for master key on UserAPIKeyAuth by @stuxf in #26484
- fix(mcp): tighten public-route detection and OAuth2 fallback gating by @stuxf in #26463
- [Fix] Team member null budget fallback by @Michael-RZ-Berri in #26809
- fix(proxy): inherit caller identity in passthrough batch managed-object by @ryan-crabbe-berri in #26831
- fix(proxy/auth): tighten guardrail modification permission check by @ryan-crabbe-berri in #26821
- [Fix] CI/Tooling: Correct min-release-age value in .npmrc files by @yuneng-berri in #26850
- fix(bedrock): add 1-hour cache write pricing for Claude 4.5/4.6/4.7 (Global, US) by @mateo-berri in #26800
- feat(proxy): add team-level search provider credentials by @Sameerlite in #26691
- Litellm oss staging by @Sameerlite in #26759
- fix(proxy/batches): forward model to retrieve_batch for bedrock by @sruthi-sixt-26 in #26814
- fix(passthrough): track spend for interrupted Bedrock streams by @mateo-berri in #26719
- merge main by @Sameerlite in #26855
- Litellm oss staging by @Sameerlite in #26852
- chore(team): audit-log team-callback admin mutations by @stuxf in #26859
- chore(team): close authz bypass via the available-team check by @stuxf in #26854
- chore(auth): harden invite-link onboarding token flow by @stuxf in #26843
- chore(mcp): tighten OAuth root endpoint resolution by @stuxf in #26840
- fix: validate aws region name by @yassin-berriai in #26906
- fix: drop milvus dbName and partitionNames from MILVUS_OPTIONAL_PARAMS by @yassin-berriai in #26910
- [Feat / Fix] Lazy loaded imports, lazy loaded front page by @Michael-RZ-Berri in #26802
- chore(proxy): harden request control fields by @stuxf in #26862
- chore(proxy): block env callback refs in key metadata by @stuxf in #26851
- chore(mcp): encrypt user-scoped MCP credentials at rest by @stuxf in #26836
- chore(mcp): SSRF guard on OAuth metadata discovery follow-up fetches by @stuxf in #26849
- [Fix] Replace subprocess startup-import diff with static source scan by @Michael-RZ-Berri in #26934
- chore(passthrough): default auth=True and drop enterprise gate on the safe option by @stuxf in #26827
- chore(proxy): contain UI_LOGO_PATH / LITELLM_FAVICON_URL on unauthenticated asset endpoints by @stuxf in #26815
- chore(cli): tighten CLI SSO session flow by @stuxf in #26835
- [Test] Proxy E2E: Opt In To Client Mock Response For Model Access Tests by @yuneng-berri in #26941
- [Fix] Responses API: Omit Empty Body On DELETE by @yuneng-berri in #26949
- Run pre_call_hook on Google generateContent endpoints by @Michael-RZ-Berri in #26914
- [Fix] Refresh Redis TTL on counter writes, skip stale in-memory in Redis by @Michael-RZ-Berri in #26829
- Add pagination controls to model health status by @shivamrawat1 in #26826
- feat(vertex_ai): propagate metadata labels to embedding, Imagen, rerank by @Sameerlite in #25499
- fix(anthropic): json response_format + user tools non-streaming by @Sameerlite in #26222
- [Infra] Bump Versions by @yuneng-berri in #26961
- [Infra] Promote Internal Staging to main by @yuneng-berri in #26962
New Contributors
- @xinrui-z made their first contribution in #24294
- @minznerjosh made their first contribution in #26710
- @yassinkortam made their first contribution in #26730
- @sruthi-sixt-26 made their first contribution in #26814
- @yassin-berriai made their first contribution in #26906
Full Changelog: 1.84.0-dev.1...1.84.0-dev.2
