Update dependency litellm to v1.88.1

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
litellm	==1.81.13 → ==1.88.1

---

Release Notes

BerriAI/litellm (litellm)

v1.88.1

Compare Source

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.88.1

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.88.1/cosign.pub \
  ghcr.io/berriai/litellm:v1.88.1

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

---

What's Changed

• build(deps): bump pyjwt to 2.13.0 and ws override to 8.20.1 (1.88.x) by @​yuneng-berri in #​29987
• chore(release): bump version to 1.88.1 by @​yuneng-berri in #​29989

Full Changelog: BerriAI/litellm@v1.88.0...v1.88.1

v1.88.0

Compare Source

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.88.0

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.88.0/cosign.pub \
  ghcr.io/berriai/litellm:v1.88.0

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

---

What's Changed

• fix(proxy): gate team allowed_passthrough_routes to proxy admins by @​ryan-crabbe-berri in #​28097
• fix(tests): stabilize image-edit VCR cassettes to stop live gpt-image-1 spend by @​mateo-berri in #​28110
• fix(bedrock/cohere): send embedding_types as JSON array, not string by @​ishaan-berri in #​28172
• fix(tests): migrate realtime + rerank tests off shut-down upstream models by @​yuneng-berri in #​28191
• fix(caching): replay openai/responses bridge cache hits as chat streams by @​Sameerlite in #​28158
• Litellm oss staging by @​Sameerlite in #​28161
• feat(prometheus): add user_email and user_alias to user budget metrics by @​Sameerlite in #​28155
• test(callbacks): harden flaky proxy callback-leak detector by @​yuneng-berri in #​28195
• fix(bedrock): sanitize batch metadata to prevent Pydantic ValidationError by @​mateo-berri in #​28202
• fix(deepseek): use native /anthropic/v1/messages endpoint and sanitize tools by @​mateo-berri in #​28200
• feat(ui): add Interactions API endpoint to playground with SSE streaming by @​Sameerlite in #​28156
• fix(proxy): decode bytes and pass-through SSE for Google-native streamGenerateContent (#​27444) by @​Sameerlite in #​28213
• refactor(bedrock/sagemaker): switch to lazy loading for response stre… by @​harish-berri in #​28189
• [Refactor] UI - Spend Logs: consolidate filter state and extract components by @​ryan-crabbe-berri in #​25847
• fix(tests): replace shut-down gpt-4o-audio-preview with gpt-audio-1.5 by @​yuneng-berri in #​28281
• chore(ci): bump versions by @​yuneng-berri in #​28287
• feat: propagate team_id and team_alias to all child OTEL spans by @​yassin-berriai in #​28273
• Day 0 support : Gemini 3.5 Flash by @​Sameerlite in #​28268
• Gemini managed agents support by @​Sameerlite in #​28270
• chore(ci): promote internal staging to main by @​yuneng-berri in #​28292
• feat(gemini): add gemini-3.1-flash-lite model cost map by @​Sameerlite in #​28320
• fix(spend_counter): seed Redis counter via SET NX to prevent cross-pod double-seed by @​milan-berri in #​27854
• fix(proxy): normalize batch file IDs before ManagedObjectTable write by @​Sameerlite in #​28339
• fix(router): use forwarded model_id for native Azure container IDs by @​Sameerlite in #​27921
• fix(ui): restore log filter loading indicator by @​ryan-crabbe-berri in #​28282
• test(e2e): migrate runner to uv, add All Proxy Models key test by @​ryan-crabbe-berri in #​28313
• feat(ui): team passthrough routes create parity + edit load fix by @​ryan-crabbe-berri in #​28098
• fix(mcp): JWT on tools/list and REST tools/call server resolution by @​Sameerlite in #​28227
• feat(interactions): migrate to Google Interactions API steps schema (May 2026) by @​Sameerlite in #​28153
• test(ui-e2e): admin key creation with a specific proxy model by @​ryan-crabbe-berri in #​28365
• fix(vertex_ai): omit function_call id on Vertex Gemini 3.5+ tool turns by @​Sameerlite in #​28324
• feat(mcp): allow native MCP OAuth support for cursor by @​Sameerlite in #​28327
• fix(interactions): never drop streamed text deltas; always emit terminal completion by @​mateo-berri in #​28394
• fix(proxy): expose Prisma idle/connect timeout + extra DB URL params by @​yassin-berriai in #​28395
• Litellm oss staging 1 by @​Sameerlite in #​28337
• fix: serialize guardrail_response to JSON in OTEL traces by @​yassin-berriai in #​28362
• chore(ci): merge dev branch by @​yuneng-berri in #​28314
• test(realtime): expect session.created as xAI realtime initial event by @​yuneng-berri in #​28424
• feat(tests): behavior-pinning harness + Key Tier-1 matrix by @​yuneng-berri in #​28321
• fix(proxy): hydrate wildcard discovery credentials (#​28284) - CCI Run by @​yuneng-berri in #​28419
• Litellm oss staging 04 21 2026 2 by @​Sameerlite in #​26569
• chore(ci): merge dev branch by @​yuneng-berri in #​28290
• fix(vertex_gemma): strip context_management from request body by @​mateo-berri in #​28438
• fix(logging): recalculate cost after router retry failures by @​milan-berri in #​28476
• fix(otel): emit guardrail span on violation, surface status + categories by @​yassin-berriai in #​28364
• test(proxy): behavior-pinning matrix for team management endpoints by @​yuneng-berri in #​28441
• test(vertex_ai): tolerate transient 500 in google maps grounding test by @​yuneng-berri in #​28503
• fix(docker): restore npm to non_root builder image by @​yuneng-berri in #​28519
• chore(ci): bump deps by @​yuneng-berri in #​28524
• build(deps-dev): bump black to 26.3.1 and apply formatting by @​yuneng-berri in #​28525
• chore(deps): bump deps by @​yuneng-berri in #​28528
• test(e2e): forward LITELLM_LICENSE to UI e2e proxy by @​ryan-crabbe-berri in #​28398
• Add granian as a ASGI compliant web server. Provider better throughput stability, by @​harish-berri in #​26027
• Fix conflicts and UI by @​Sameerlite in #​28477
• Add error_description and hint for oauth flows by @​Sameerlite in #​28471
• feat(mcp): Add tool call and tool list support via UI for Oauth mcps by @​Sameerlite in #​28454
• feat(proxy): persist allowlisted OIDC claims in CLI SSO poll by @​Sameerlite in #​28463
• fix(responses): use OpenAI SSEDecoder for Responses API streaming by @​Sameerlite in #​28566
• Litellm oss staging 2 by @​Sameerlite in #​28582
• [internal copy of #​28269] Codex cli jwt team alias by @​mateo-berri in #​28621
• fix(check_licenses): read PEP 639 license-expression metadata by @​yuneng-berri in #​28529
• test(proxy): behavior-pinning matrix for tier-2/3 key + team management endpoints by @​yuneng-berri in #​28620
• chore(test): remove dead old Playwright e2e suite by @​ryan-crabbe-berri in #​28632
• fix(sagemaker): send native Cohere embed payload to Cohere SageMaker endpoints by @​milan-berri in #​28613
• style: apply black formatting to fix lint CI (LIT-3274) (#​28639) by @​krrish-berri-2 in #​28641
• fix(bedrock): decouple STS region from Bedrock aws_region_name by @​milan-berri in #​28245
• test(streaming): tolerate Vertex 429 wrapped in MidStreamFallbackError by @​yuneng-berri in #​28669
• feat(guardrails): add Microsoft Purview DLP guardrail by @​Sameerlite in #​24966
• fix(mcp): forward upstream initialize instructions on cold gateway init by @​milan-berri in #​28231
• chore(ci): promote internal staging to main by @​yuneng-berri in #​28680
• CI: copy of #​25177 (OCI GenAI: embeddings, streaming/reasoning fixes, model catalog) by @​mateo-berri in #​28223
• Encrypt callback_vars in key/team metadata in DB by @​Michael-RZ-Berri in #​27141
• perf: reduce per-request and per-chunk overhead across Anthropic streaming hot paths by @​yassin-berriai in #​28289
• feat(azure): add Speech STT config support by @​ishaan-berri in #​27482
• test(proxy): phase-4 payload behavior pinning for tier-2/3 key + team management endpoints by @​yuneng-berri in #​28681
• feat(prometheus): emit per-token-type detail metrics (LIT-3220) (#​28372) by @​ishaan-berri in #​28378
• fix(otel): stamp http.response.status_code on all error responses by @​ryan-crabbe-berri in #​28405
• chore(ui): build ui by @​yuneng-berri in #​28707
• fix(helm): drop main- prefix from default image tag by @​yuneng-berri in #​28710
• test(model_prices): allow audio_transcription_config in schema by @​yuneng-berri in #​28708
• chore(ci): promote internal staging to main by @​yuneng-berri in #​28709
• fix(team): refresh team cache on team_model_add/delete (LIT-3244) by @​yuneng-berri in #​28683
• fix(ui/add-model): stop vertex_ai-anthropic_models from leaking into Anthropic dropdown by @​ryan-crabbe-berri in #​28723
• Fix spend logs v2 route permissions by @​ryan-crabbe-berri in #​28705
• fix(proxy): Bedrock Knowledge Base pass-through: preserve SigV4 headers and signed request body by @​milan-berri in #​27526
• chore(tests): migrate Bedrock CI to AWS account 9412775 by @​mateo-berri in #​28728
• fix(otel): export SERVER span on management-endpoint success without http_request by @​yassin-berriai in #​28794
• chore(ci): merge dev branch by @​yuneng-berri in #​28801
• chore(ci): merge dev branch by @​yuneng-berri in #​28657
• fix(ui): show 2-decimal precision for max_budget on key overview by @​ryan-crabbe-berri in #​28809
• feat(proxy): allow llm_api_routes virtual keys to list MCP servers by @​ryan-crabbe-berri in #​28442
• chore(ci): merge dev branch by @​yuneng-berri in #​28807
• fix(team): keep team_alias cache in sync on _cache_team_object writes by @​yuneng-berri in #​28737
• chore(ci): merge dev branch by @​yuneng-berri in #​28822
• ci: daily oss-agent-shin canonical branch by @​ishaan-berri in #​28829
• test(proxy): add harness for proxy_server.py behavior-pinning by @​yuneng-berri in #​28827
• feat(openai): apply regional-processing cost uplift for EU/US data residency by @​mateo-berri in #​28626
• chore(admin-ui): regenerate static export with trailingSlash: true by @​mateo-berri in #​28112
• fix(azure): preserve AD token refresh in v1 OpenAI client path by @​mateo-berri in #​28627
• fix(ui): route API Reference back to query-param page by @​ryan-crabbe-berri in #​28726
• fix(model-edit): allow clearing custom pricing on wildcard models by @​ryan-crabbe-berri in #​28719
• fix(tests/vcr): make Redis cassette cache replay deterministically (zero VCR misses on consecutive runs) by @​mateo-berri in #​28826
• fix(proxy): strip LiteLLM policy tracking from OpenAI batch metadata by @​shivamrawat1 in #​28425
• Litellm OpenAI double prefix bug by @​shivamrawat1 in #​28661
• Litellm oss staging 250526 by @​Sameerlite in #​28770
• fix(bedrock): align toolUse/toolSpec names and allow hyphens by @​Sameerlite in #​28874
• fix(realtime): send TEXT frames and valid guardrail session.update by @​Sameerlite in #​28848
• fix(mcp): extend key access-group union to MCP servers by @​ryan-crabbe-berri in #​28890
• fix(galileo): support hosted v2 spans API and string output extraction by @​Sameerlite in #​28771
• fix(proxy): exclude proxy_server_request from its own body snapshot by @​michelligabriele in #​28618
• [Feat] Add tool calling support for gemini and vertex ai live api by @​Sameerlite in #​26590
• refactor(ui): remove dead App Router scaffolding in (dashboard)/* by @​ryan-crabbe-berri in #​28891
• fix(docker): use system Node in componentized builders + retry apk add by @​yassin-berriai in #​28888
• docs(agents): require consent before writing new third-party names by @​yuneng-berri in #​28908
• refactor(ui): extract auth state into AuthContext by @​ryan-crabbe-berri in #​28910
• fix(mcp): resolve team.access_group_ids → MCP servers by @​ryan-crabbe-berri in #​28997
• test(ui): e2e cover team model edit + admin identity in navbar by @​ryan-crabbe-berri in #​28652
• test(e2e): cover add-fallback flow in Router Settings by @​ryan-crabbe-berri in #​29069
• test(e2e): cover Team-BYOK add-model flow as proxy admin by @​ryan-crabbe-berri in #​29068
• fix(containers): record ownership for service-account keys + fix Prisma Json serialization by @​Sameerlite in #​28990
• test(e2e): cover add-MCP-server flow via discovery → custom form by @​ryan-crabbe-berri in #​29070
• test(e2e): cover AI Hub make-public flow and public model_hub_table by @​ryan-crabbe-berri in #​29071
• [internal copy of #​28877] feat: add support for claude code goal mode for bedrock opus output config by @​mateo-berri in #​28898
• feat(guardrails): wire apply_guardrail into proxy logging callbacks by @​Sameerlite in #​28970
• chore(ci): merge dev brach by @​yuneng-berri in #​29192
• perf(streaming): cut per-chunk overhead ~30% on Anthropic + Bedrock hot path by @​yassin-berriai in #​28720
• fix(proxy): enforce tag budgets for key-level tags by @​Sameerlite in #​29108
• fix(vertex-ai): use DB credentials in video handlers + implement Veo video edit by @​Sameerlite in #​29098
• fix(datadog): drain cost-management queue + opt-in FinOps tag allowlist by @​michelligabriele in #​28487
• feat(helm): split per-component ServiceAccounts for gateway, backend, and UI by @​yassin-berriai in #​28712
• chore(ci): bump deps (#​29208) by @​yuneng-berri in #​29226
• fix(tests/vcr): mint Google OAuth tokens live to prevent stale-token replay by @​yuneng-berri in #​29229
• chore(cookbook): bump Go directive to 1.26.3 in gollem example by @​yuneng-berri in #​29234
• chore(ci): bump version by @​yuneng-berri in #​29242
• feat(anthropic): add Claude Opus 4.8 and prune reasoning-effort flags by @​mateo-berri in #​29238
• chore(ci): promote internal staging to main by @​yuneng-berri in #​29243
• fix(ci): restore real Bedrock batch S3 bucket/role in oai_misc_config by @​mateo-berri in #​29245
• fix(guardrails): persist disable_global_guardrails on keys by @​ryan-crabbe-berri in #​29233
• test(e2e): cover Team Admin view + member + key flows by @​ryan-crabbe-berri in #​29072
• docs: hand-written CLAUDE.md; remove AGENTS.md, point GEMINI.md at it by @​mateo-berri in #​29252
• fix(teams): expose keys_count on /v2/team/list and wire UI Resources badge by @​michelligabriele in #​28502
• fix(anthropic): stop injecting unsupported output_config.effort=xhigh for Claude Code on Sonnet/Opus 4.6 by @​mateo-berri in #​29304
• test(e2e): cover Internal Viewer nav, key, and team-info gating by @​ryan-crabbe-berri in #​29075
• test(e2e): cover Internal User key modal, team info, key page by @​ryan-crabbe-berri in #​29074
• test(e2e): cover navbar Logout flow as proxy admin by @​ryan-crabbe-berri in #​29076
• fix(mcp): resolve key.access_group_ids → MCP servers (ungated) by @​ryan-crabbe-berri in #​29195
• fix(router): enforce deployment budgets for dynamically added models by @​Sameerlite in #​29273
• fix(proxy): map stripped batch body.model to proxy alias for auth by @​Sameerlite in #​29264
• feat(mcp): support stateless and stateful clients via session-id routing by @​Sameerlite in #​26857
• fix(bedrock): support tool search results + chat annotations by @​Sameerlite in #​29120
• fix(mcp): ignore stale ids on key save by @​Sameerlite in #​29128
• feat(a2a): well-known agent-card discovery + LangGraph Platform mode by @​Sameerlite in #​28860
• fix(proxy): link passthrough success spans to the SERVER root OTEL span by @​ryan-crabbe-berri in #​29315
• [internal copy of #​29089] fix: duplicate claude code traces by @​mateo-berri in #​29311
• feat(otel): typed semconv-aligned OpenTelemetry instrumentation by @​yassin-berriai in #​28909
• tests(proxy_server): surface current behavior in tests by @​yuneng-berri in #​29309
• test(e2e): cover Internal User create-key flow when in no teams by @​ryan-crabbe-berri in #​29083
• test(e2e): assert internal-user navbar identity is scoped to that user by @​ryan-crabbe-berri in #​29077
• feat(otel): add team_metadata, http.route, and model names to inference spans by @​yassin-berriai in #​29319
• feat(context_management): compact_20260112 polyfill for non-Anthropic providers by @​Sameerlite in #​28868
• feat(enterprise): add RESEND_FROM_EMAIL for self-hosted Resend sends by @​shivamrawat1 in #​28830
• Revert Bedrock CI back to the reactivated AWS account (8886022) by @​mateo-berri in #​29326
• fix(mcp): preserve source_url in GET /v1/mcp/server list responses by @​shivamrawat1 in #​29249
• fix(mcp): preserve omitted fields on PUT /v1/mcp/server partial updates by @​shivamrawat1 in #​29253
• fix(ci): make litellm_internal_staging green (logging test + Bedrock Opus 4.7 self-heal) by @​mateo-berri in #​29344
• refactor(proxy/auth): normalize Bearer prefix in safe-hash helper by @​yuneng-berri in #​29343
• test(reasoning-effort-grid): cover Claude Opus 4.8 across provider routes by @​mateo-berri in #​29327
• fix(guardrails): return HTTP 400 for litellm content filter blocks by @​shivamrawat1 in #​28418
• fix(proxy): restrict vector store index create/delete to proxy admins by @​shivamrawat1 in #​29202
• feat(pass_through): extend passthrough_managed_object_ids to Azure by @​Sameerlite in #​29160
• fix(proxy): enforce allowed_passthrough_routes for auth=true pass-thr… by @​shivamrawat1 in #​29256
• feat(mcp/auth): additive key access-group grants + opt-in member assignment by @​ryan-crabbe-berri in #​29313
• fix(reset_budget): write only {spend, budget_reset_at} and stop pre-zeroing counter by @​yuneng-berri in #​29358
• test(e2e): cover PROXY_LOGOUT_URL redirect on Logout by @​ryan-crabbe-berri in #​29080
• fix(ui): break logout redirect loop across dev and proxy origins by @​yuneng-berri in #​29360
• fix(openai-moderation): wire streaming flags through to unified dispatcher by @​michelligabriele in #​27324
• chore(ci): build ui by @​yuneng-berri in #​29366
• fix(v3 limiter): cap no-max_tokens TPM floor at smallest configured limit by @​michelligabriele in #​28805
• fix(e2e): tolerate trailing slash in SERVER_ROOT_PATH login redirect by @​yuneng-berri in #​29369
• chore(deps): bump deps by @​yuneng-berri in #​29373
• chore(ci): promote internal staging to main by @​yuneng-berri in #​29372
• chore(release): patch v1.88.0-rc.1 with four staged fixes by @​mateo-berri in #​29632
• chore(release): patch v1.88.0-rc.1 with #​29612 (session-token budget-ceiling exemption) by @​mateo-berri in #​29637
• fix(key_generate): harden GHSA-q775 session-token exemption against default_key_generate_params (1.88 rc) by @​mateo-berri in #​29639

Full Changelog: BerriAI/litellm@v1.86.0...v1.88.0

v1.87.1

Compare Source

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.87.1

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.87.1/cosign.pub \
  ghcr.io/berriai/litellm:v1.87.1

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

---

What's Changed

• chore(release): backport five staged fixes into stable/1.87.x and cut 1.87.1 by @​mateo-berri in #​29631
• chore(release): backport #​29612 (session-token budget-ceiling exemption) into stable/1.87.x and cut 1.87.2 by @​mateo-berri in #​29636
• chore: restore stable/1.87.x to 1.87.1 (revert premature 1.87.2 bump) by @​mateo-berri in #​29645

Full Changelog: BerriAI/litellm@v1.87.0...v1.87.1

v1.87.0

Compare Source

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.87.0

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.87.0/cosign.pub \
  ghcr.io/berriai/litellm:v1.87.0

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

---

What's Changed

• fix(proxy): gate team allowed_passthrough_routes to proxy admins by @​ryan-crabbe-berri in #​28097
• fix(tests): stabilize image-edit VCR cassettes to stop live gpt-image-1 spend by @​mateo-berri in #​28110
• fix(bedrock/cohere): send embedding_types as JSON array, not string by @​ishaan-berri in #​28172
• fix(tests): migrate realtime + rerank tests off shut-down upstream models by @​yuneng-berri in #​28191
• fix(caching): replay openai/responses bridge cache hits as chat streams by @​Sameerlite in #​28158
• Litellm oss staging by @​Sameerlite in #​28161
• feat(prometheus): add user_email and user_alias to user budget metrics by @​Sameerlite in #​28155
• test(callbacks): harden flaky proxy callback-leak detector by @​yuneng-berri in #​28195
• fix(bedrock): sanitize batch metadata to prevent Pydantic ValidationError by @​mateo-berri in #​28202
• fix(deepseek): use native /anthropic/v1/messages endpoint and sanitize tools by @​mateo-berri in #​28200
• feat(ui): add Interactions API endpoint to playground with SSE streaming by @​Sameerlite in #​28156
• fix(proxy): decode bytes and pass-through SSE for Google-native streamGenerateContent (#​27444) by @​Sameerlite in #​28213
• refactor(bedrock/sagemaker): switch to lazy loading for response stre… by @​harish-berri in #​28189
• [Refactor] UI - Spend Logs: consolidate filter state and extract components by @​ryan-crabbe-berri in #​25847
• fix(tests): replace shut-down gpt-4o-audio-preview with gpt-audio-1.5 by @​yuneng-berri in #​28281
• chore(ci): bump versions by @​yuneng-berri in #​28287
• feat: propagate team_id and team_alias to all child OTEL spans by @​yassin-berriai in #​28273
• Day 0 support : Gemini 3.5 Flash by @​Sameerlite in #​28268
• Gemini managed agents support by @​Sameerlite in #​28270
• chore(ci): promote internal staging to main by @​yuneng-berri in #​28292
• feat(gemini): add gemini-3.1-flash-lite model cost map by @​Sameerlite in #​28320
• fix(spend_counter): seed Redis counter via SET NX to prevent cross-pod double-seed by @​milan-berri in #​27854
• fix(proxy): normalize batch file IDs before ManagedObjectTable write by @​Sameerlite in #​28339
• fix(router): use forwarded model_id for native Azure container IDs by @​Sameerlite in #​27921
• fix(ui): restore log filter loading indicator by @​ryan-crabbe-berri in #​28282
• test(e2e): migrate runner to uv, add All Proxy Models key test by @​ryan-crabbe-berri in #​28313
• feat(ui): team passthrough routes create parity + edit load fix by @​ryan-crabbe-berri in #​28098
• fix(mcp): JWT on tools/list and REST tools/call server resolution by @​Sameerlite in #​28227
• feat(interactions): migrate to Google Interactions API steps schema (May 2026) by @​Sameerlite in #​28153
• test(ui-e2e): admin key creation with a specific proxy model by @​ryan-crabbe-berri in #​28365
• fix(vertex_ai): omit function_call id on Vertex Gemini 3.5+ tool turns by @​Sameerlite in #​28324
• feat(mcp): allow native MCP OAuth support for cursor by @​Sameerlite in #​28327
• fix(interactions): never drop streamed text deltas; always emit terminal completion by @​mateo-berri in #​28394
• fix(proxy): expose Prisma idle/connect timeout + extra DB URL params by @​yassin-berriai in #​28395
• Litellm oss staging 1 by @​Sameerlite in #​28337
• fix: serialize guardrail_response to JSON in OTEL traces by @​yassin-berriai in #​28362
• chore(ci): merge dev branch by @​yuneng-berri in #​28314
• test(realtime): expect session.created as xAI realtime initial event by @​yuneng-berri in #​28424
• feat(tests): behavior-pinning harness + Key Tier-1 matrix by @​yuneng-berri in #​28321
• fix(proxy): hydrate wildcard discovery credentials (#​28284) - CCI Run by @​yuneng-berri in #​28419
• Litellm oss staging 04 21 2026 2 by @​Sameerlite in #​26569
• chore(ci): merge dev branch by @​yuneng-berri in #​28290
• fix(vertex_gemma): strip context_management from request body by @​mateo-berri in #​28438
• fix(logging): recalculate cost after router retry failures by @​milan-berri in #​28476
• fix(otel): emit guardrail span on violation, surface status + categories by @​yassin-berriai in #​28364
• test(proxy): behavior-pinning matrix for team management endpoints by @​yuneng-berri in #​28441
• test(vertex_ai): tolerate transient 500 in google maps grounding test by @​yuneng-berri in #​28503
• fix(docker): restore npm to non_root builder image by @​yuneng-berri in #​28519
• chore(ci): bump deps by @​yuneng-berri in #​28524
• build(deps-dev): bump black to 26.3.1 and apply formatting by @​yuneng-berri in #​28525
• chore(deps): bump deps by [@&#8203

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.