Latest Results
chore(main): release 0.8.6 (#2002)
<!-- HIGHLIGHTS_START -->
## Highlights
> _AI-generated summary (model: `openai/gpt-4.1-mini` via GitHub
Models). Commit-based changelog below._
### What you'll notice
- Multi-agent coordination is now active immediately on startup for
smoother operation.
- Governance rules are fully enforced during use, ensuring compliance at
all times.
- Coordination metrics update live, giving real-time insights into
system activity.
- Review agents are now reliably processed, preventing silent drops in
tasks.
- Sandbox containers can be reused for agents and tasks, speeding up
execution and reducing overhead.
### What's new
- Agents support online runtime with a minimal safety framework to
improve stability.
- Recorded LLM interactions can be deterministically replayed at the
provider interface.
- Distributed path validation has been enhanced for more robust data
routing.
- A client-simulation runtime was added for end-to-end testing of the
IntakeEngine.
- A new work pipeline spine architecture has been introduced to
streamline task processing.
### Under the hood
- Infrastructure, Python, and web dependencies have all been updated to
latest versions.
- Updated apko lockfiles in the CI/CD pipeline improve build
consistency.
<!-- HIGHLIGHTS_END -->
:robot: I have created a release *beep* *boop*
---
##
[0.8.6](https://github.com/Aureliolo/synthorg/compare/v0.8.5...v0.8.6)
(2026-05-19)
### Features
* agent runtime online + minimal safety spine (runtime root)
([#2003](https://github.com/Aureliolo/synthorg/issues/2003))
([e5eef1a](https://github.com/Aureliolo/synthorg/commit/e5eef1ad58852385039493dbd78bbc500f807149)),
closes [#1956](https://github.com/Aureliolo/synthorg/issues/1956)
* deterministic recorded-LLM cassette replay at the provider chokepoint
([#2010](https://github.com/Aureliolo/synthorg/issues/2010))
([cabf55d](https://github.com/Aureliolo/synthorg/commit/cabf55db340146b4e1d93fc805f1c150b8476237))
* distributed path validation + hardening
([#2011](https://github.com/Aureliolo/synthorg/issues/2011))
([a382e4a](https://github.com/Aureliolo/synthorg/commit/a382e4a4d519d14f9feb8ef032b7bed4e659fbff)),
closes [#1966](https://github.com/Aureliolo/synthorg/issues/1966)
* wire IntakeEngine via boot client-simulation runtime (e2e test
harness) ([#2006](https://github.com/Aureliolo/synthorg/issues/2006))
([6a9c0aa](https://github.com/Aureliolo/synthorg/commit/6a9c0aa5030cd717d772bccda8202f44d8ce4da7)),
closes [#1961](https://github.com/Aureliolo/synthorg/issues/1961)
* work pipeline spine
([#1960](https://github.com/Aureliolo/synthorg/issues/1960))
([#2013](https://github.com/Aureliolo/synthorg/issues/2013))
([29b64e3](https://github.com/Aureliolo/synthorg/commit/29b64e319109d38284a1d7cf5b1bae47c0eafbc0))
### Bug Fixes
* bring the multi-agent coordinator online at boot
([#2007](https://github.com/Aureliolo/synthorg/issues/2007))
([180b38a](https://github.com/Aureliolo/synthorg/commit/180b38a50b2c24b306d5ea839b983205cdf06913)),
closes [#1958](https://github.com/Aureliolo/synthorg/issues/1958)
* full governance enforcement online
([#1957](https://github.com/Aureliolo/synthorg/issues/1957))
([#2005](https://github.com/Aureliolo/synthorg/issues/2005))
([4140fc5](https://github.com/Aureliolo/synthorg/commit/4140fc544d389843bec85e81590ca5e2226926ff))
* harden anti-ghost-wiring gate and fix silently-dropped review agents
([#2000](https://github.com/Aureliolo/synthorg/issues/2000))
([89b57ce](https://github.com/Aureliolo/synthorg/commit/89b57ce0187fec6054fffbfcfad15558f0fd93fc))
* make coordination metrics live
([#1959](https://github.com/Aureliolo/synthorg/issues/1959))
([#2012](https://github.com/Aureliolo/synthorg/issues/2012))
([c4775e2](https://github.com/Aureliolo/synthorg/commit/c4775e27229e81e8c5f73dfba5db78ef8a8e471f))
* sandbox lifecycle dispatch (per-agent / per-task container reuse)
([#2008](https://github.com/Aureliolo/synthorg/issues/2008))
([03d2587](https://github.com/Aureliolo/synthorg/commit/03d25874c17b76d7325102d3406bff9b650ae3ca)),
closes [#1965](https://github.com/Aureliolo/synthorg/issues/1965)
### Documentation
* add GitButler concept-only concurrency research
([#1978](https://github.com/Aureliolo/synthorg/issues/1978))
([#2009](https://github.com/Aureliolo/synthorg/issues/2009))
([9e4f5c1](https://github.com/Aureliolo/synthorg/commit/9e4f5c1bad94338708dc1f78d070c5d300c9a3fb))
* honest-hybrid refresh of README, site, and design specs
([#2001](https://github.com/Aureliolo/synthorg/issues/2001))
([f485bea](https://github.com/Aureliolo/synthorg/commit/f485bea9ac02777018acae3f6977502bcfcfe439))
### CI/CD
* update apko lockfiles
([#2004](https://github.com/Aureliolo/synthorg/issues/2004))
([e2b9eee](https://github.com/Aureliolo/synthorg/commit/e2b9eee04a70c09ee4c9f50057d0a1dbc74536c5))
### Maintenance
* Update Infrastructure dependencies
([#2014](https://github.com/Aureliolo/synthorg/issues/2014))
([0b16bdf](https://github.com/Aureliolo/synthorg/commit/0b16bdf156fdad6fd0590504e81e22239fd742e3))
* Update Python dependencies
([#2015](https://github.com/Aureliolo/synthorg/issues/2015))
([a7224bb](https://github.com/Aureliolo/synthorg/commit/a7224bb90ffa7d58fe0c6aca4d042a4aa7ac9366))
* Update Web dependencies
([#2016](https://github.com/Aureliolo/synthorg/issues/2016))
([7a7fe76](https://github.com/Aureliolo/synthorg/commit/7a7fe765f0e7da54787537dc659f3a6b61112bb2))
---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
---------
Co-authored-by: synthorg-repo-bot[bot] <279117679+synthorg-repo-bot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> chore: Update Web dependencies (#2016)
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [@base-ui/react](https://base-ui.com)
([source](https://redirect.github.com/mui/base-ui/tree/HEAD/packages/react))
| [`1.4.1` →
`1.5.0`](https://renovatebot.com/diffs/npm/@base-ui%2freact/1.4.1/1.5.0)
|
|
|
|
[@eslint-react/eslint-plugin](https://redirect.github.com/Rel1cx/eslint-react)
([source](https://redirect.github.com/Rel1cx/eslint-react/tree/HEAD/plugins/eslint-plugin))
| [`5.7.9` →
`5.8.2`](https://renovatebot.com/diffs/npm/@eslint-react%2feslint-plugin/5.7.9/5.8.2)
|
|
|
| [@fontsource-variable/geist](https://fontsource.org/fonts/geist)
([source](https://redirect.github.com/fontsource/font-files/tree/HEAD/fonts/variable/geist))
| [`5.2.8` →
`5.2.9`](https://renovatebot.com/diffs/npm/@fontsource-variable%2fgeist/5.2.8/5.2.9)
|
|
|
|
[@fontsource-variable/geist-mono](https://fontsource.org/fonts/geist-mono)
([source](https://redirect.github.com/fontsource/font-files/tree/HEAD/fonts/variable/geist-mono))
| [`5.2.7` →
`5.2.8`](https://renovatebot.com/diffs/npm/@fontsource-variable%2fgeist-mono/5.2.7/5.2.8)
|
|
|
| [@tanstack/react-query](https://tanstack.com/query)
([source](https://redirect.github.com/TanStack/query/tree/HEAD/packages/react-query))
| [`5.100.10` →
`5.100.11`](https://renovatebot.com/diffs/npm/@tanstack%2freact-query/5.100.10/5.100.11)
|
|
|
|
[@types/node](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node))
| [`25.8.0` →
`25.9.1`](https://renovatebot.com/diffs/npm/@types%2fnode/25.8.0/25.9.1)
|
|
|
|
[@types/react](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/react)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react))
| [`19.2.14` →
`19.2.15`](https://renovatebot.com/diffs/npm/@types%2freact/19.2.14/19.2.15)
|
|
|
| [astro](https://astro.build)
([source](https://redirect.github.com/withastro/astro/tree/HEAD/packages/astro))
| [`6.3.3` →
`6.3.5`](https://renovatebot.com/diffs/npm/astro/6.3.3/6.3.5) |
|
|
| [motion](https://redirect.github.com/motiondivision/motion) |
[`12.38.0` →
`12.39.0`](https://renovatebot.com/diffs/npm/motion/12.38.0/12.39.0) |
|
|
|
[typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint))
| [`8.59.3` →
`8.59.4`](https://renovatebot.com/diffs/npm/typescript-eslint/8.59.3/8.59.4)
|
|
|
| [wrangler](https://redirect.github.com/cloudflare/workers-sdk)
([source](https://redirect.github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler))
| [`4.92.0` →
`4.93.0`](https://renovatebot.com/diffs/npm/wrangler/4.92.0/4.93.0) |
|
|
---
> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/1730) for more information.
---
### Release Notes
<details>
<summary>mui/base-ui (@​base-ui/react)</summary>
###
[`v1.5.0`](https://redirect.github.com/mui/base-ui/blob/HEAD/CHANGELOG.md#v150)
[Compare
Source](https://redirect.github.com/mui/base-ui/compare/v1.4.1...v1.5.0)
*May 19, 2026*
##### General changes
- Use local document for virtual arrow
([#​4662](https://redirect.github.com/mui/base-ui/issues/4662)) by
[@​lyzno1](https://redirect.github.com/lyzno1)
- Fix macOS Safari and Firefox minimizing fullscreen when closing popups
with <kbd>Esc</kbd>
([#​4695](https://redirect.github.com/mui/base-ui/issues/4695)) by
[@​arturbien](https://redirect.github.com/arturbien)
- Drop unnecessary memoization
([#​4693](https://redirect.github.com/mui/base-ui/issues/4693)) by
[@​flaviendelangle](https://redirect.github.com/flaviendelangle)
- Do not use `Math.random()` in `useStableCallback()`
([#​4732](https://redirect.github.com/mui/base-ui/issues/4732)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
- Fix return focus when reference disconnects
([#​4655](https://redirect.github.com/mui/base-ui/issues/4655)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Improve mount performance with interaction splitting
([#​4661](https://redirect.github.com/mui/base-ui/issues/4661)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Don't steal initial focus if focus already moved inside a popup
([#​4775](https://redirect.github.com/mui/base-ui/issues/4775)) by
[@​stefee](https://redirect.github.com/stefee)
##### Alert Dialog
- Fix handle defaults
([#​4834](https://redirect.github.com/mui/base-ui/issues/4834)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Autocomplete
- Fix native `FormData` for popup inputs
([#​4725](https://redirect.github.com/mui/base-ui/issues/4725)) by
[@​lunaxislu](https://redirect.github.com/lunaxislu)
##### Checkbox
- Submit the associated form when pressing <kbd>Enter</kbd>
([#​4713](https://redirect.github.com/mui/base-ui/issues/4713)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
##### Combobox
- Expose clear visibility state
([#​4664](https://redirect.github.com/mui/base-ui/issues/4664)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Fix popup input form submit
([#​4687](https://redirect.github.com/mui/base-ui/issues/4687)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Preserve `closeQuery` when closing multiple input-inside-popup
combobox
([#​4715](https://redirect.github.com/mui/base-ui/issues/4715)) by
[@​mj12albert](https://redirect.github.com/mj12albert)
- Fix RTL component behavior
([#​4840](https://redirect.github.com/mui/base-ui/issues/4840)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Ignore hidden-input changes while readonly or disabled
([#​4810](https://redirect.github.com/mui/base-ui/issues/4810)) by
[@​lunaxislu](https://redirect.github.com/lunaxislu)
##### Dialog
- Consider the controlled `open` prop for open state detection
([#​4712](https://redirect.github.com/mui/base-ui/issues/4712)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
##### Drawer
- Forward `style` prop in `<Drawer.Viewport>`
([#​4841](https://redirect.github.com/mui/base-ui/issues/4841)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Field
- Avoid `flushSync` during validation
([#​4685](https://redirect.github.com/mui/base-ui/issues/4685)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Form
- Avoid `flushSync` during validation
([#​4685](https://redirect.github.com/mui/base-ui/issues/4685)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Menu
- Fix submenu pointer-events scope for `keepMounted` portals
([#​4723](https://redirect.github.com/mui/base-ui/issues/4723)) by
[@​twillhorn](https://redirect.github.com/twillhorn)
- Support `<Menu.GroupLabel>` in `<Menu.RadioGroup>`
([#​4826](https://redirect.github.com/mui/base-ui/issues/4826)) by
[@​nami8824](https://redirect.github.com/nami8824)
- Consider the controlled `open` prop for open state detection
([#​4712](https://redirect.github.com/mui/base-ui/issues/4712)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
##### Navigation Menu
- Fix RTL component behavior
([#​4840](https://redirect.github.com/mui/base-ui/issues/4840)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Fix `keepMounted` content sizing
([#​4817](https://redirect.github.com/mui/base-ui/issues/4817)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Number Field
- Allow Persian digits in keyboard input
([#​4719](https://redirect.github.com/mui/base-ui/issues/4719)) by
[@​lunaxislu](https://redirect.github.com/lunaxislu)
- Sync pasted input during step interactions
([#​4824](https://redirect.github.com/mui/base-ui/issues/4824)) by
[@​lunaxislu](https://redirect.github.com/lunaxislu)
##### OTP Field
- **Breaking change:** Rename `sanitizeValue()` to `normalizeValue()`
and allow composing with validation
([#​4717](https://redirect.github.com/mui/base-ui/issues/4717)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Avoid `flushSync` during validation
([#​4685](https://redirect.github.com/mui/base-ui/issues/4685)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Support <kbd>Ctrl</kbd> and <kbd>Cmd</kbd> shortcuts
([#​4606](https://redirect.github.com/mui/base-ui/issues/4606)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Fire `onValueComplete()` for full paste
([#​4690](https://redirect.github.com/mui/base-ui/issues/4690)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Fix vertical arrow slot navigation
([#​4844](https://redirect.github.com/mui/base-ui/issues/4844)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Ignore hidden input changes while readonly or disabled
([#​4806](https://redirect.github.com/mui/base-ui/issues/4806)) by
[@​lunaxislu](https://redirect.github.com/lunaxislu)
- Prevent locked hidden autofill validation
([#​4827](https://redirect.github.com/mui/base-ui/issues/4827)) by
[@​lunaxislu](https://redirect.github.com/lunaxislu)
- Fix RTL arrow navigation
([#​4847](https://redirect.github.com/mui/base-ui/issues/4847)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Popover
- Fix RTL component behavior
([#​4840](https://redirect.github.com/mui/base-ui/issues/4840)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Preserve active trigger on close press
([#​4741](https://redirect.github.com/mui/base-ui/issues/4741)) by
[@​mj12albert](https://redirect.github.com/mj12albert)
- Consider the controlled `open` prop for open state detection
([#​4712](https://redirect.github.com/mui/base-ui/issues/4712)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
##### Preview Card
- Consider the controlled `open` prop for open state detection
([#​4712](https://redirect.github.com/mui/base-ui/issues/4712)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
- Integrate inline positioning
([#​2074](https://redirect.github.com/mui/base-ui/issues/2074)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Scroll Area
- Fix RTL component behavior
([#​4840](https://redirect.github.com/mui/base-ui/issues/4840)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Select
- Clear stale item text ref
([#​4683](https://redirect.github.com/mui/base-ui/issues/4683)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Add `data-popup-side` to trigger
([#​4671](https://redirect.github.com/mui/base-ui/issues/4671)) by
[@​mj12albert](https://redirect.github.com/mj12albert)
- Allow mouse selection without highlight
([#​4699](https://redirect.github.com/mui/base-ui/issues/4699)) by
[@​atomiks](https://redirect.github.com/atomiks)
- Ignore hidden-input changes while readonly or disabled
([#​4810](https://redirect.github.com/mui/base-ui/issues/4810)) by
[@​lunaxislu](https://redirect.github.com/lunaxislu)
- Fix nested Select requiring extra outside clicks to dismiss parent
([#​4820](https://redirect.github.com/mui/base-ui/issues/4820)) by
[@​mattrothenberg](https://redirect.github.com/mattrothenberg)
##### Tabs
- Fire `onValueChange()` for automatic tab selection
([#​4704](https://redirect.github.com/mui/base-ui/issues/4704)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
##### Toast
- Re-use `getElementTransform()` and remove local implementation
([#​4749](https://redirect.github.com/mui/base-ui/issues/4749)) by
[@​sai6855](https://redirect.github.com/sai6855)
- Fix stuck drag state on release
([#​4742](https://redirect.github.com/mui/base-ui/issues/4742)) by
[@​aeterno-caspian](https://redirect.github.com/aeterno-caspian)
- Remove memoized selector
([#​4751](https://redirect.github.com/mui/base-ui/issues/4751)) by
[@​atomiks](https://redirect.github.com/atomiks)
##### Tooltip
- Consider the controlled `open` prop for open state detection
([#​4712](https://redirect.github.com/mui/base-ui/issues/4712)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
- Fix flickering when nesting tooltip inside another tooltip's trigger
([#​4501](https://redirect.github.com/mui/base-ui/issues/4501)) by
[@​michaldudak](https://redirect.github.com/michaldudak)
All contributors of this release in alphabetical order:
[@​aeterno-caspian](https://redirect.github.com/aeterno-caspian),
[@​arturbien](https://redirect.github.com/arturbien),
[@​atomiks](https://redirect.github.com/atomiks),
[@​flaviendelangle](https://redirect.github.com/flaviendelangle),
[@​Janpot](https://redirect.github.com/Janpot),
[@​lunaxislu](https://redirect.github.com/lunaxislu),
[@​lyzno1](https://redirect.github.com/lyzno1),
[@​mattrothenberg](https://redirect.github.com/mattrothenberg),
[@​michaldudak](https://redirect.github.com/michaldudak),
[@​mj12albert](https://redirect.github.com/mj12albert),
[@​nami8824](https://redirect.github.com/nami8824),
[@​sai6855](https://redirect.github.com/sai6855),
[@​stefee](https://redirect.github.com/stefee),
[@​twillhorn](https://redirect.github.com/twillhorn)
</details>
<details>
<summary>Rel1cx/eslint-react
(@​eslint-react/eslint-plugin)</summary>
###
[`v5.8.2`](https://redirect.github.com/Rel1cx/eslint-react/blob/HEAD/CHANGELOG.md#v582-2026-05-20)
[Compare
Source](https://redirect.github.com/Rel1cx/eslint-react/compare/v5.8.1...v5.8.2)
##### 📝 Documentation
- Added React 19 `use` hook guidance to `error-boundaries`,
`rules-of-hooks`, and `no-use-context` docs.
- Added migration examples and corrected rule descriptions for
class-component-related rules.
- Improved `eslint-plugin-react-x` rule documentation with
scenario-based examples, Troubleshooting sections, and Further Reading
links across 48 rule docs
([#​1786](https://redirect.github.com/Rel1cx/eslint-react/issues/1786)).
- Removed inline ESLint error annotations (`^^^`) from documentation
examples for better readability
([#​1785](https://redirect.github.com/Rel1cx/eslint-react/issues/1785)).
- Updated migration guide for `eslint-plugin-react` with additional
details.
##### 🏗️ Internal
- Set up textlint and fixed inappropriate wording in documentation
([#​1787](https://redirect.github.com/Rel1cx/eslint-react/issues/1787)).
- Bumped dependencies across workspace packages
([#​1788](https://redirect.github.com/Rel1cx/eslint-react/issues/1788)).
- Updated `pnpm-lock.yaml`: bumped `nx` to 22.7.2 and `brace-expansion`
to 5.0.5.
**Full Changelog**:
<https://github.com/Rel1cx/eslint-react/compare/v5.8.1...v5.8.2>
###
[`v5.8.1`](https://redirect.github.com/Rel1cx/eslint-react/blob/HEAD/CHANGELOG.md#v581-2026-05-18)
[Compare
Source](https://redirect.github.com/Rel1cx/eslint-react/compare/v5.8.0...v5.8.1)
##### 📝 Documentation
- Restructured rule documentation across all plugins
(`eslint-plugin-react-x`, `eslint-plugin-react-dom`,
`eslint-plugin-react-jsx`, `eslint-plugin-react-web-api`,
`eslint-plugin-react-naming-convention`, `eslint-plugin-react-debug`,
`eslint-plugin-react-rsc`) from the `Common Violations / Invalid /
Valid` format to the new `Examples / scenario-based / Troubleshooting /
Further Reading` format
([#​1784](https://redirect.github.com/Rel1cx/eslint-react/issues/1784)).
- Updated README tagline and description, removed the Benchmark section,
and fixed migration guide links
([#​1783](https://redirect.github.com/Rel1cx/eslint-react/issues/1783)).
- Updated website recipe docs, FAQ, and third-party plugins page
([#​1783](https://redirect.github.com/Rel1cx/eslint-react/issues/1783)).
##### 🏗️ Internal
- Updated `scripts/scaffold-rule.ts` and the rule request issue template
to match the new documentation structure
([#​1782](https://redirect.github.com/Rel1cx/eslint-react/issues/1782)).
**Full Changelog**:
<https://github.com/Rel1cx/eslint-react/compare/v5.8.0...v5.8.1>
###
[`v5.8.0`](https://redirect.github.com/Rel1cx/eslint-react/blob/HEAD/CHANGELOG.md#v580-2026-05-17)
[Compare
Source](https://redirect.github.com/Rel1cx/eslint-react/compare/v5.7.10...v5.8.0)
##### 🪄 Improvements
- **`react-jsx/no-children-prop`**,
**`react-jsx/no-children-prop-with-children`**: Added support for
`createElement` calls in addition to JSX elements
([#​1780](https://redirect.github.com/Rel1cx/eslint-react/issues/1780)).
##### 📝 Documentation
- Added `eslint-plugin-perfectionist` to the third-party plugins
documentation page
([#​1778](https://redirect.github.com/Rel1cx/eslint-react/issues/1778)).
##### 🏗️ Internal
- Bumped `import-integrity-lint` to 1.0.1.
- Fixed multiple versions of `typescript-eslint` and
`import-integrity-lint` in the workspace
([#​1776](https://redirect.github.com/Rel1cx/eslint-react/issues/1776)).
- Increased pnpm `minimumReleaseAge` to 3 days and updated lockfile
([#​1779](https://redirect.github.com/Rel1cx/eslint-react/issues/1779)).
- Removed `.repos` directory references from config files
([#​1773](https://redirect.github.com/Rel1cx/eslint-react/issues/1773)).
- Removed obsolete maintenance scripts
(`create-spec-alignment-issues.sh`, `migrate-labels.sh`)
([#​1777](https://redirect.github.com/Rel1cx/eslint-react/issues/1777)).
- Replaced `eslint-plugin-fast-import` with `import-integrity-lint`
([#​1774](https://redirect.github.com/Rel1cx/eslint-react/issues/1774)).
- Simplified the publish CI workflow by skipping install scripts and
removing the lint step
([#​1775](https://redirect.github.com/Rel1cx/eslint-react/issues/1775)).
**Full Changelog**:
<https://github.com/Rel1cx/eslint-react/compare/v5.7.10...v5.8.0>
###
[`v5.7.10`](https://redirect.github.com/Rel1cx/eslint-react/blob/HEAD/CHANGELOG.md#v5710-2026-05-16)
##### 🐞 Fixes
- **`react-x/no-leaked-conditional-rendering`**,
**`react-x/set-state-in-effect`**: Added cycle detection to prevent
stack overflow in recursive function analysis
([#​1769](https://redirect.github.com/Rel1cx/eslint-react/issues/1769)).
##### 📝 Documentation
- Added `third-party-plugins.mdx` documentation page.
- Added spec diff and compiler test fixtures for `react-x/globals` rule.
- Updated ESLint Stylistic link to rules anchor.
- Updated community projects (added Obsidian Copilot).
- Added redirects and simplified removed docs page.
##### 🏗️ Internal
- **`react-x/error-boundaries`**: Simplified `getEnclosingTryBlock`
implementation.
- Added `minimumReleaseAge` and `minimumReleaseAgeExclude` entries to
`pnpm-workspace.yaml`.
- Bumped `fumadocs-core` and `fumadocs-ui` to 16.8.11.
- Pinned pnpm to v11 in CI and adjusted install hooks.
- Fixed the git diff noise issue caused by a large number of external
repository files introduced by "Vendored `facebook/react` as git subtree
under `.repos`" in v5.7.9 (re-released as v5.7.10, closes
[#​1772](https://redirect.github.com/Rel1cx/eslint-react/issues/1772)).
**Full Changelog**:
<https://github.com/Rel1cx/eslint-react/compare/v5.7.8...v5.7.10>
</details>
<details>
<summary>fontsource/font-files
(@​fontsource-variable/geist)</summary>
###
[`v5.2.9`](https://redirect.github.com/fontsource/font-files/compare/40ecb0c337fd649924783a87783dc2e6639bb6f2...afcb152cbd0f3f3dadc3ca6ab42704924060a155)
[Compare
Source](https://redirect.github.com/fontsource/font-files/compare/40ecb0c337fd649924783a87783dc2e6639bb6f2...afcb152cbd0f3f3dadc3ca6ab42704924060a155)
</details>
<details>
<summary>fontsource/font-files
(@​fontsource-variable/geist-mono)</summary>
###
[`v5.2.8`](https://redirect.github.com/fontsource/font-files/compare/40ecb0c337fd649924783a87783dc2e6639bb6f2...afcb152cbd0f3f3dadc3ca6ab42704924060a155)
[Compare
Source](https://redirect.github.com/fontsource/font-files/compare/40ecb0c337fd649924783a87783dc2e6639bb6f2...afcb152cbd0f3f3dadc3ca6ab42704924060a155)
</details>
<details>
<summary>TanStack/query (@​tanstack/react-query)</summary>
###
[`v5.100.11`](https://redirect.github.com/TanStack/query/blob/HEAD/packages/react-query/CHANGELOG.md#510011)
##### Patch Changes
- Updated dependencies \[]:
-
[@​tanstack/query-core](https://redirect.github.com/tanstack/query-core)@​5.100.11
</details>
<details>
<summary>withastro/astro (astro)</summary>
###
[`v6.3.5`](https://redirect.github.com/withastro/astro/blob/HEAD/packages/astro/CHANGELOG.md#635)
[Compare
Source](https://redirect.github.com/withastro/astro/compare/astro@6.3.4...astro@6.3.5)
##### Patch Changes
-
[#​16771](https://redirect.github.com/withastro/astro/pull/16771)
[`07c8805`](https://redirect.github.com/withastro/astro/commit/07c880500926e3337798ca906d9422c880c6e148)
Thanks [@​ematipico](https://redirect.github.com/ematipico)! -
Fixes `position` prop on `<Image>` and `<Picture>` components breaking
Content Security Policy (CSP).
-
[#​16593](https://redirect.github.com/withastro/astro/pull/16593)
[`50924ce`](https://redirect.github.com/withastro/astro/commit/50924cea1faf32b8c14b031936e93812033b04ca)
Thanks [@​yanthomasdev](https://redirect.github.com/yanthomasdev)!
- Improves error messages with more consistent and correct writing.
-
[#​16757](https://redirect.github.com/withastro/astro/pull/16757)
[`5d661cd`](https://redirect.github.com/withastro/astro/commit/5d661cd226cd9abb4f0f352231f2f68feec52ab4)
Thanks
[@​astrobot-houston](https://redirect.github.com/astrobot-houston)!
- Fixes dev server serving stale content when SSR-only modules change
(e.g. `.astro` files outside the project root in a monorepo, or
dynamically imported components).
Previously, the `astro:hmr-reload` plugin returned an empty array after
detecting SSR-only module changes, which prevented Vite's
`updateModules` from propagating the invalidation to the SSR module
runner. The runner's evaluated module cache stayed stale, so subsequent
requests continued returning old content.
Now the plugin returns the SSR-only modules so Vite can process them
through `updateModules`, which properly invalidates the module runner's
cache and ensures fresh content on the next request.
###
[`v6.3.4`](https://redirect.github.com/withastro/astro/blob/HEAD/packages/astro/CHANGELOG.md#634)
[Compare
Source](https://redirect.github.com/withastro/astro/compare/astro@6.3.3...astro@6.3.4)
##### Patch Changes
-
[#​16723](https://redirect.github.com/withastro/astro/pull/16723)
[`0f10bfe`](https://redirect.github.com/withastro/astro/commit/0f10bfe70d443ebe5474a72f59c3a3e745831b98)
Thanks [@​matthewp](https://redirect.github.com/matthewp)! - Adds
`fetchFile` option to `experimental.advancedRouting` to customize or
disable the entrypoint file
```js
export default defineConfig({
experimental: {
advancedRouting: {
fetchFile: 'fetch.ts',
},
},
});
```
-
[#​16723](https://redirect.github.com/withastro/astro/pull/16723)
[`0f10bfe`](https://redirect.github.com/withastro/astro/commit/0f10bfe70d443ebe5474a72f59c3a3e745831b98)
Thanks [@​matthewp](https://redirect.github.com/matthewp)! - Fixes
Hono `cache()` middleware to follow the standard wrapper pattern
-
[#​16723](https://redirect.github.com/withastro/astro/pull/16723)
[`0f10bfe`](https://redirect.github.com/withastro/astro/commit/0f10bfe70d443ebe5474a72f59c3a3e745831b98)
Thanks [@​matthewp](https://redirect.github.com/matthewp)! - Adds
`App.Providers` interface for typing custom context providers on `Astro`
and `ctx`
```ts
declare namespace App {
interface Providers {
oauth: import('./lib/oauth').OAuthSession;
}
}
```
-
[#​16723](https://redirect.github.com/withastro/astro/pull/16723)
[`0f10bfe`](https://redirect.github.com/withastro/astro/commit/0f10bfe70d443ebe5474a72f59c3a3e745831b98)
Thanks [@​matthewp](https://redirect.github.com/matthewp)! - Adds
`FetchState.response` property, set automatically after `pages()` or
`middleware()` completes
```ts
const response = await middleware(state, (s) => pages(s));
console.log(state.response === response); // true
```
-
[#​16723](https://redirect.github.com/withastro/astro/pull/16723)
[`0f10bfe`](https://redirect.github.com/withastro/astro/commit/0f10bfe70d443ebe5474a72f59c3a3e745831b98)
Thanks [@​matthewp](https://redirect.github.com/matthewp)! - Adds
`Fetchable` type export for typing the advanced routing entrypoint
```ts
import type { Fetchable } from 'astro';
export default {
async fetch(request) {
return new Response('ok');
},
} satisfies Fetchable;
```
-
[#​16572](https://redirect.github.com/withastro/astro/pull/16572)
[`4a5a077`](https://redirect.github.com/withastro/astro/commit/4a5a0779712be11680a9fc729be2ba9dd93f68d2)
Thanks [@​DORI2001](https://redirect.github.com/DORI2001)! -
Suppresses `[WARN] Vite warning: unused imports from
"@​astrojs/internal-helpers/remote"` during prerender builds. The
package is now bundled alongside `astro` in the prerender environment,
matching how it is handled in the SSR environment.
-
[#​16756](https://redirect.github.com/withastro/astro/pull/16756)
[`b6ee23d`](https://redirect.github.com/withastro/astro/commit/b6ee23d339311c356ad25781f62454aee289e47b)
Thanks
[@​astrobot-houston](https://redirect.github.com/astrobot-houston)!
- Fixes styles from Markdoc/MDX custom components not being extracted to
`<head>` in the dev server when using the Cloudflare adapter with
`prerenderEnvironment: 'node'` and rendering content through a wrapper
component.
-
[#​16747](https://redirect.github.com/withastro/astro/pull/16747)
[`904d19a`](https://redirect.github.com/withastro/astro/commit/904d19a73e91dc166c492905ebf6c81705fa7064)
Thanks
[@​astrobot-houston](https://redirect.github.com/astrobot-houston)!
- Fixes Astro action requests failing in `astro dev` when using the
Cloudflare adapter with `prerenderEnvironment: 'node'` alongside a
prerendered catch-all route such as `[...page].astro`.
Actions and other SSR POST endpoints now continue to work in dev instead
of returning an HTTP 500 error.
-
[#​16701](https://redirect.github.com/withastro/astro/pull/16701)
[`3495ce4`](https://redirect.github.com/withastro/astro/commit/3495ce4f3af103673e32b6fdd452e4108252e1b5)
Thanks [@​demaisj](https://redirect.github.com/demaisj)! - Fix
`Map` and `Set` instances saved in a content collection being broken
when retrieving entries.
-
[#​16614](https://redirect.github.com/withastro/astro/pull/16614)
[`fca1c32`](https://redirect.github.com/withastro/astro/commit/fca1c32c329f6044c6833debdb9d683dd2103fc9)
Thanks [@​Eptagone](https://redirect.github.com/Eptagone)! - Fixes
`entry.data` type inference when a live collection is configured without
a schema.
-
[#​16661](https://redirect.github.com/withastro/astro/pull/16661)
[`03b8f7f`](https://redirect.github.com/withastro/astro/commit/03b8f7f7644cc1d9e738a8221d6bd377399538c0)
Thanks [@​ocavue](https://redirect.github.com/ocavue)! - Updates
`typescript` to v6. No changes are needed from users.
-
[#​16681](https://redirect.github.com/withastro/astro/pull/16681)
[`c22770a`](https://redirect.github.com/withastro/astro/commit/c22770a58c3b312ad4bba81707be72f551ee02db)
Thanks
[@​dotnetCarpenter](https://redirect.github.com/dotnetCarpenter)!
- Fixes an issue where SVG images with `width="0"` or `height="0"`
incorrectly threw a `NoImageMetadata` error instead of being treated as
valid dimensions.
</details>
<details>
<summary>motiondivision/motion (motion)</summary>
###
[`v12.39.0`](https://redirect.github.com/motiondivision/motion/blob/HEAD/CHANGELOG.md#12390-2026-05-18)
[Compare
Source](https://redirect.github.com/motiondivision/motion/compare/v12.38.0...v12.39.0)
##### Added
- Support for `repeatType` and `repeatDelay` in animation sequences.
##### Fixed
- Variants: Re-run keyframe animations when switching between variant
labels even when they share identical keyframe arrays.
- Drag: Preserve in-flight motion value animations across React 19
reorder unmount/remount so `dragSnapToOrigin` no longer leaves the drag
transform stranded after a layout swap.
- `LazyMotion`: Share React contexts between the `framer-motion` and
`framer-motion/m` (and therefore `motion/react` and `motion/react-m`)
CJS bundles so that `<m.div>` from the `/m` subpath picks up features
loaded by `<LazyMotion>` from the main entry point.
- `useScroll`: Support hydrating `target` and `container` refs from
anywhere in the tree.
- Drag: Gesture no longer starts from incorrect start point when
rendered inside `<AnimatePresence initial={false} />`.
- Drag: `dragConstraints`, when set as viewport-relative ref, no longer
break on scroll.§
- Updated `visualElement` hydration order.
- `useAnimate`: Now respects `skipAnimations`.
- `AnimatePresence`: Fix object-form `initial` values not applied on
re-entry after exit completes.
- `scroll`: Fixed callback progress when tracking an element.
- `useScroll`: Fix hardware acceleration when tracking an element.
</details>
<details>
<summary>typescript-eslint/typescript-eslint
(typescript-eslint)</summary>
###
[`v8.59.4`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/typescript-eslint/CHANGELOG.md#8594-2026-05-18)
[Compare
Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.3...v8.59.4)
##### 🩹 Fixes
- **typescript-eslint:** export Compatible\* types from
typescript-eslint to resolve pnpm TS error
([#​12340](https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340))
##### ❤️ Thank You
- Kirk Waiblinger
[@​kirkwaiblinger](https://redirect.github.com/kirkwaiblinger)
See [GitHub
Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4)
for more information.
You can read about our [versioning
strategy](https://typescript-eslint.io/users/versioning) and
[releases](https://typescript-eslint.io/users/releases) on our website.
</details>
<details>
<summary>cloudflare/workers-sdk (wrangler)</summary>
###
[`v4.93.0`](https://redirect.github.com/cloudflare/workers-sdk/blob/HEAD/packages/wrangler/CHANGELOG.md#4930)
[Compare
Source](https://redirect.github.com/cloudflare/workers-sdk/compare/wrangler@4.92.0...wrangler@4.93.0)
##### Minor Changes
-
[#​13901](https://redirect.github.com/cloudflare/workers-sdk/pull/13901)
[`aac7ca0`](https://redirect.github.com/cloudflare/workers-sdk/commit/aac7ca02803567adad2d5372124ace1f4ed9c315)
Thanks [@​bghira](https://redirect.github.com/bghira)! - Add
`wrangler ai models schema` command for fetching model schemas
You can now run `wrangler ai models schema <model>` to fetch the input
and output schema for a Workers AI model from the public model catalog
schema endpoint.
-
[#​12656](https://redirect.github.com/cloudflare/workers-sdk/pull/12656)
[`ae047ee`](https://redirect.github.com/cloudflare/workers-sdk/commit/ae047eedd5c59452e05a122f14ac4ff6c5ff8ad2)
Thanks [@​mikenomitch](https://redirect.github.com/mikenomitch)! -
Add `--containers-rollout=none`
This allows you to skip deploying a container. This is useful if you
know that your container is not going to be updated or you don't have
Docker locally, but still want to make changes to your Worker.
-
[#​13901](https://redirect.github.com/cloudflare/workers-sdk/pull/13901)
[`aac7ca0`](https://redirect.github.com/cloudflare/workers-sdk/commit/aac7ca02803567adad2d5372124ace1f4ed9c315)
Thanks [@​bghira](https://redirect.github.com/bghira)! - Add
`wrangler ai models list` command for querying the Workers AI model
catalog
`wrangler ai models list` accepts `--search`, `--task`, `--author`,
`--source`, and `--hide-experimental`, matching the public model catalog
search endpoint.
##### Patch Changes
-
[#​13948](https://redirect.github.com/cloudflare/workers-sdk/pull/13948)
[`b25dc0d`](https://redirect.github.com/cloudflare/workers-sdk/commit/b25dc0d9f19ff51ec246c9c8175be7e445c12c0b)
Thanks
[@​dependabot](https://redirect.github.com/apps/dependabot)! -
Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
| ---------- | ------------ | ------------ |
| workerd | 1.20260515.1 | 1.20260518.1 |
-
[#​13882](https://redirect.github.com/cloudflare/workers-sdk/pull/13882)
[`a4f22bc`](https://redirect.github.com/cloudflare/workers-sdk/commit/a4f22bcbe8deb033ff11783a5f5f63caa3ffc3ff)
Thanks [@​matingathani](https://redirect.github.com/matingathani)!
- Throw a clear error when a D1 migration is cancelled instead of
silently returning
-
[#​13950](https://redirect.github.com/cloudflare/workers-sdk/pull/13950)
[`f78d435`](https://redirect.github.com/cloudflare/workers-sdk/commit/f78d435454a6f7f0623bf878f1279ca6c3caed50)
Thanks
[@​dario-piotrowicz](https://redirect.github.com/dario-piotrowicz)!
- Improve the Docker CLI error message to be more actionable.
Include a link to Docker installation docs, platform-specific
instructions for starting the daemon, and guidance for alternative
Docker-compatible CLIs.
-
[#​11896](https://redirect.github.com/cloudflare/workers-sdk/pull/11896)
[`c5c9e20`](https://redirect.github.com/cloudflare/workers-sdk/commit/c5c9e20bf6c806289e33fd599b05c2fb22473999)
Thanks
[@​staticpayload](https://redirect.github.com/staticpayload)! -
Surface remote proxy session errors
When remote bindings fail to start, include the controller reason and
root cause in the error message to make failures like missing
`cloudflared` clearer.
-
[#​13932](https://redirect.github.com/cloudflare/workers-sdk/pull/13932)
[`ebf4b24`](https://redirect.github.com/cloudflare/workers-sdk/commit/ebf4b24226060d0ea714e9221a1f2744033729cb)
Thanks [@​zebp](https://redirect.github.com/zebp)! - Fix local
Workflow startup when compatibility flags include `experimental`
Miniflare now deduplicates compatibility flags for the internal Workflow
engine service. This prevents `wrangler dev` from failing with
`Compatibility flag specified multiple times: experimental` when the
user's Worker already enables that flag.
-
[#​13929](https://redirect.github.com/cloudflare/workers-sdk/pull/13929)
[`895baf5`](https://redirect.github.com/cloudflare/workers-sdk/commit/895baf5ec2ed4a0dfed45e5ede536ad1c913be96)
Thanks
[@​Caio-Nogueira](https://redirect.github.com/Caio-Nogueira)! -
Prompt to provision a workers.dev subdomain before deploying Workflows
Wrangler now checks for the account-level workers.dev subdomain when
deploying Workflows, even if the Worker is not being published to
workers.dev. If the subdomain has not been registered yet, Wrangler
prompts to create one before calling the Workflows deploy API so users
avoid an opaque server-side deployment failure.
-
[#​13930](https://redirect.github.com/cloudflare/workers-sdk/pull/13930)
[`7bcdf45`](https://redirect.github.com/cloudflare/workers-sdk/commit/7bcdf45580f29ec9a3f0a77f70d8a26d301d19c3)
Thanks [@​shiminshen](https://redirect.github.com/shiminshen)! -
Sweep stale `.wrangler/tmp/*` dirs left behind by abnormal exits
A `wrangler dev` session creates `.wrangler/tmp/bundle-*` and
`.wrangler/tmp/dev-*` directories at startup and removes them via a
`signal-exit` hook on graceful shutdown. When the process exited
abnormally (SIGKILL, OOM, host crash) those directories were left behind
and accumulated across sessions, slowing down dependency-walking tools
that follow the bundle-emitted absolute-path imports.
`wrangler` now sweeps entries in `.wrangler/tmp/` older than 24 hours
when a new temporary directory is requested, bounding the leak
regardless of how prior sessions exited.
- Updated dependencies
\[[`b25dc0d`](https://redirect.github.com/cloudflare/workers-sdk/commit/b25dc0d9f19ff51ec246c9c8175be7e445c12c0b),
[`ebf4b24`](https://redirect.github.com/cloudflare/workers-sdk/commit/ebf4b24226060d0ea714e9221a1f2744033729cb),
[`b27eb18`](https://redirect.github.com/cloudflare/workers-sdk/commit/b27eb18de664e416316d50116e568513d08123eb)]:
- miniflare\@​4.20260518.0
</details>
---
### Configuration
📅 **Schedule**: (in timezone Etc/UTC)
- Branch creation
- Between 12:00 AM and 06:59 AM, only on Saturday (`* 0-6 * * 6`)
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/Aureliolo/synthorg).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xODUuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE4NS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJzY29wZTp3ZWIiLCJ0eXBlOmNob3JlIl19-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore: Update Python dependencies (#2015)
> ℹ️ **Note**
>
> This PR body was truncated due to platform limits.
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [hypothesis](https://redirect.github.com/HypothesisWorks/hypothesis)
([changelog](https://hypothesis.readthedocs.io/en/latest/changelog.html))
| `==6.152.7` → `==6.152.9` |
|
|
| [litellm](https://redirect.github.com/BerriAI/litellm) | `==1.84.0` →
`==1.85.0` |
|
|
| [lxml](https://lxml.de/)
([source](https://redirect.github.com/lxml/lxml),
[changelog](https://git.launchpad.net/lxml/plain/CHANGES.txt)) |
`==6.1.0` → `==6.1.1` |
|
|
| [types-pyyaml](https://redirect.github.com/python/typeshed)
([changelog](https://redirect.github.com/typeshed-internal/stub_uploader/blob/main/data/changelogs/PyYAML.md))
| `==6.0.12.20260510` → `==6.0.12.20260518` |
|
|
| [zensical](https://redirect.github.com/zensical/zensical)
([changelog](https://zensical.org/docs/changelog/)) | `==0.0.42` →
`==0.0.43` |
|
|
---
> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/1730) for more information.
---
### Release Notes
<details>
<summary>BerriAI/litellm (litellm)</summary>
###
[`v1.85.0`](https://redirect.github.com/BerriAI/litellm/releases/tag/v1.85.0)
[Compare
Source](https://redirect.github.com/BerriAI/litellm/compare/v1.84.0...v1.85.0)
#### Verify Docker Image Signature
All LiteLLM Docker images are signed with
[cosign](https://docs.sigstore.dev/cosign/overview/). Every release is
signed with the same key introduced in [commit
`0112e53`](https://redirect.github.com/BerriAI/litellm/commit/0112e53046018d726492c814b3644b7d376029d0).
**Verify using the pinned commit hash (recommended):**
A commit hash is cryptographically immutable, so this is the strongest
way to ensure you are using the original signing key:
```bash
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
ghcr.io/berriai/litellm:v1.85.0
```
**Verify using the release tag (convenience):**
Tags are protected in this repository and resolve to the same key. This
option is easier to read but relies on tag protection rules:
```bash
cosign verify \
--key https://raw.githubusercontent.com/BerriAI/litellm/v1.85.0/cosign.pub \
ghcr.io/berriai/litellm:v1.85.0
```
Expected output:
```
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
```
***
#### What's Changed
- fix: strip 'openrouter/' prefix from model names
([#​24234](https://redirect.github.com/BerriAI/litellm/issues/24234))
by [@​kimimgo](https://redirect.github.com/kimimgo) in
[#​24282](https://redirect.github.com/BerriAI/litellm/pull/24282)
- feat(bedrock): add Z.AI GLM-5 model support by
[@​Chesars](https://redirect.github.com/Chesars) in
[#​24338](https://redirect.github.com/BerriAI/litellm/pull/24338)
- fix(gemini): return separate embeddings for multimodal inputs by
[@​Chesars](https://redirect.github.com/Chesars) in
[#​24337](https://redirect.github.com/BerriAI/litellm/pull/24337)
- refactor: Remove redundant backup file by
[@​Chesars](https://redirect.github.com/Chesars) in
[#​16590](https://redirect.github.com/BerriAI/litellm/pull/16590)
- feat(gemini): support combined multimodal embeddings via nested input
by [@​Chesars](https://redirect.github.com/Chesars) in
[#​24341](https://redirect.github.com/BerriAI/litellm/pull/24341)
- merge litellm\_internal\_staging by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​25944](https://redirect.github.com/BerriAI/litellm/pull/25944)
- docs(readme): update Greptile logo to higher quality image by
[@​Chesars](https://redirect.github.com/Chesars) in
[#​25385](https://redirect.github.com/BerriAI/litellm/pull/25385)
- merge main by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26260](https://redirect.github.com/BerriAI/litellm/pull/26260)
- merge main by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26305](https://redirect.github.com/BerriAI/litellm/pull/26305)
- merge main by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26306](https://redirect.github.com/BerriAI/litellm/pull/26306)
- fix: remove duplicate MAX\_SIZE\_PER\_ITEM\_IN\_MEMORY\_CACHE\_IN\_KB
definition by [@​Jah-yee](https://redirect.github.com/Jah-yee) in
[#​26385](https://redirect.github.com/BerriAI/litellm/pull/26385)
- fix(ui): add missing 'zai' (Z.AI / Zhipu AI) provider to Add-Model
dropdown by [@​MackDing](https://redirect.github.com/MackDing) in
[#​26419](https://redirect.github.com/BerriAI/litellm/pull/26419)
- fix(proxy): set verbose\_logger level when LITELLM\_LOG=INFO by
[@​he-yufeng](https://redirect.github.com/he-yufeng) in
[#​26401](https://redirect.github.com/BerriAI/litellm/pull/26401)
- Sync litellm\_staging\_03\_21\_2026 with litellm\_internal\_staging by
[@​Chesars](https://redirect.github.com/Chesars) in
[#​26519](https://redirect.github.com/BerriAI/litellm/pull/26519)
- Merge readme logo update into litellm\_staging\_03\_21\_2026 by
[@​Chesars](https://redirect.github.com/Chesars) in
[#​26521](https://redirect.github.com/BerriAI/litellm/pull/26521)
- fix(arize): \_set\_usage\_outputs handles raw OpenAI Pydantic
CompletionUsage by
[@​alvinttang](https://redirect.github.com/alvinttang) in
[#​26506](https://redirect.github.com/BerriAI/litellm/pull/26506)
- fix(adapters,vertex): pass output\_config through to backends that
accept it (closes
[#​23380](https://redirect.github.com/BerriAI/litellm/issues/23380),
supersedes
[#​23475](https://redirect.github.com/BerriAI/litellm/issues/23475)/[#​23396](https://redirect.github.com/BerriAI/litellm/issues/23396)/[#​23706](https://redirect.github.com/BerriAI/litellm/issues/23706)/[#​22727](https://redirect.github.com/BerriAI/litellm/issues/22727))
by [@​dkindlund](https://redirect.github.com/dkindlund) in
[#​26439](https://redirect.github.com/BerriAI/litellm/pull/26439)
- add test(tag-routing): prevent header regex bypass for strict plain t…
by [@​harish-berri](https://redirect.github.com/harish-berri) in
[#​26805](https://redirect.github.com/BerriAI/litellm/pull/26805)
- merge main by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26984](https://redirect.github.com/BerriAI/litellm/pull/26984)
- merge main by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26985](https://redirect.github.com/BerriAI/litellm/pull/26985)
- Fix managed file model\_mappings when router resolves a single
deployment dict (batch models with id == model\_name) by
[@​shivamrawat1](https://redirect.github.com/shivamrawat1) in
[#​26950](https://redirect.github.com/BerriAI/litellm/pull/26950)
- fix(proxy): route azure container file requests by decoded deployment
by [@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26402](https://redirect.github.com/BerriAI/litellm/pull/26402)
- feat(xai): add parallel\_tool\_calls to supported params
([#​25106](https://redirect.github.com/BerriAI/litellm/issues/25106))
by [@​krrish-berri-2](https://redirect.github.com/krrish-berri-2)
in
[#​25270](https://redirect.github.com/BerriAI/litellm/pull/25270)
- Litellm token verification query optimization by
[@​harish-berri](https://redirect.github.com/harish-berri) in
[#​26202](https://redirect.github.com/BerriAI/litellm/pull/26202)
- feat(vertex\_ai): Model Garden OpenAPI for publisher model ids by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26076](https://redirect.github.com/BerriAI/litellm/pull/26076)
- fix(mcp): preserve oauth2 m2m auth for tools routes by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26871](https://redirect.github.com/BerriAI/litellm/pull/26871)
- Fix /metrics hang when require\_auth\_for\_metrics\_endpoint is true
and auth succeeds by
[@​shivamrawat1](https://redirect.github.com/shivamrawat1) in
[#​25980](https://redirect.github.com/BerriAI/litellm/pull/25980)
- fix(projects): project dropdown empty for internal\_user (3 bugs) by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​26664](https://redirect.github.com/BerriAI/litellm/pull/26664)
- fix: block path traversal SSRF in BitBucket, Arize Phoenix, and
AssemblyAI clients by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​26943](https://redirect.github.com/BerriAI/litellm/pull/26943)
- Litellm staging 03 21 2026 by
[@​Chesars](https://redirect.github.com/Chesars) in
[#​24340](https://redirect.github.com/BerriAI/litellm/pull/24340)
- refactor: scope /health response to caller's models and tidy display
fields by
[@​krrish-berri-2](https://redirect.github.com/krrish-berri-2) in
[#​26935](https://redirect.github.com/BerriAI/litellm/pull/26935)
- fix(ui): add Your Usage view for admin users on usage page by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​26746](https://redirect.github.com/BerriAI/litellm/pull/26746)
- fix: scope CLI stored token to base\_url to prevent cross-domain
credential leakage by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​26945](https://redirect.github.com/BerriAI/litellm/pull/26945)
- Fix: trigger fallbacks on mid-stream httpx.TimeoutException by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​26998](https://redirect.github.com/BerriAI/litellm/pull/26998)
- \[Fix] /config/update: targeted per-section writes, drop
store\_model\_in\_db gate by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​26643](https://redirect.github.com/BerriAI/litellm/pull/26643)
- chore(security): close two unaddressed SSRF cases by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26996](https://redirect.github.com/BerriAI/litellm/pull/26996)
- chore(guardrails): tighten tool permission checks by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26969](https://redirect.github.com/BerriAI/litellm/pull/26969)
- chore(proxy): align resource model auth checks by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26963](https://redirect.github.com/BerriAI/litellm/pull/26963)
- fix(health): return 503 when targeted model is unhealthy or DB is
disconnected by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27003](https://redirect.github.com/BerriAI/litellm/pull/27003)
- \[Fix] Tests: Move Misplaced Import in Lazy OpenAPI Snapshot Test by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27010](https://redirect.github.com/BerriAI/litellm/pull/27010)
- chore(vector stores): tighten managed store access by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26930](https://redirect.github.com/BerriAI/litellm/pull/26930)
- fix: post call guardrail must be called once by
[@​mubashir1osmani](https://redirect.github.com/mubashir1osmani)
in
[#​26109](https://redirect.github.com/BerriAI/litellm/pull/26109)
- chore(proxy): tighten budget spend admission by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26845](https://redirect.github.com/BerriAI/litellm/pull/26845)
- \[Test] Anthropic: Use jsDelivr CDN For PDF Fixture URL by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27000](https://redirect.github.com/BerriAI/litellm/pull/27000)
- chore(callbacks): guard dynamic integration hosts by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26921](https://redirect.github.com/BerriAI/litellm/pull/26921)
- refactor(rate-limit): consolidate batch + dynamic limiter
check/increment by
[@​krrish-berri-2](https://redirect.github.com/krrish-berri-2) in
[#​26954](https://redirect.github.com/BerriAI/litellm/pull/26954)
- chore(security): encode upstream URL path identifiers by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26860](https://redirect.github.com/BerriAI/litellm/pull/26860)
- chore(mcp): require trusted-proxy gate before honouring X-Forwarded-\*
on OAuth discovery by [@​stuxf](https://redirect.github.com/stuxf)
in
[#​26841](https://redirect.github.com/BerriAI/litellm/pull/26841)
- tests(vcr): redis-backed vcrpy cache for offline LLM e2e replay by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​26838](https://redirect.github.com/BerriAI/litellm/pull/26838)
- \[Fix] Tests: Align Bedrock count-tokens endpoint assertions with
URL-encoded model id by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27017](https://redirect.github.com/BerriAI/litellm/pull/27017)
- feat(embedding): default OpenAI-path encoding\_format to float by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26976](https://redirect.github.com/BerriAI/litellm/pull/26976)
- fix(guardrails): post-call guardrail must only fire once by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27012](https://redirect.github.com/BerriAI/litellm/pull/27012)
- fix(vertex\_ai): omit system\_instruction/tools/toolConfig when
cachedContent set by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26077](https://redirect.github.com/BerriAI/litellm/pull/26077)
- \[Fix] Proxy: Skip Personal Budget Hook When Reservation Covers
Counter by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27021](https://redirect.github.com/BerriAI/litellm/pull/27021)
- fix(ui): remove insecure ?token= URL handler from LoginPage to close
session-fixation by
[@​michelligabriele](https://redirect.github.com/michelligabriele)
in
[#​26924](https://redirect.github.com/BerriAI/litellm/pull/26924)
- fix(proxy): reject user\_id=None on non-admin analytics endpoints
(cross-tenant disclosure) by
[@​michelligabriele](https://redirect.github.com/michelligabriele)
in
[#​26929](https://redirect.github.com/BerriAI/litellm/pull/26929)
- Litellm clean litellm oss staging 04 01 2026 by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​25856](https://redirect.github.com/BerriAI/litellm/pull/25856)
- \[Infra] Merge dev branch by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27024](https://redirect.github.com/BerriAI/litellm/pull/27024)
- \[Fix] RBAC: Restore Admin Viewer Read Parity for Logs + Settings
Pages by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​26846](https://redirect.github.com/BerriAI/litellm/pull/26846)
- Fix Redis key generation to be stable across working directories by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27025](https://redirect.github.com/BerriAI/litellm/pull/27025)
- \[Fix] Proxy/Key Management: Honor team\_member\_permissions /key/list
In /key/list Endpoint by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27026](https://redirect.github.com/BerriAI/litellm/pull/27026)
- chore(proxy): tighten router-settings-override and mock-testing trust
by [@​stuxf](https://redirect.github.com/stuxf) in
[#​26968](https://redirect.github.com/BerriAI/litellm/pull/26968)
- fix(batches): count non-chat tokens, validate batch-file model access
(VERIA-39) by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27015](https://redirect.github.com/BerriAI/litellm/pull/27015)
- fix(proxy): re-validate user\_id after /user/info re-parses query by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27009](https://redirect.github.com/BerriAI/litellm/pull/27009)
- fix(mcp): run pre\_call\_tool\_check on OpenAPI/local-registry path
(VERIA-7) by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27016](https://redirect.github.com/BerriAI/litellm/pull/27016)
- Fix runtime policy attachment initialization by
[@​shivamrawat1](https://redirect.github.com/shivamrawat1) in
[#​27028](https://redirect.github.com/BerriAI/litellm/pull/27028)
- fix(prometheus): escape api\_key for PromQL string literal (VERIA-53)
by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27013](https://redirect.github.com/BerriAI/litellm/pull/27013)
- \[Fix] Isolate dual OTEL handlers by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27018](https://redirect.github.com/BerriAI/litellm/pull/27018)
- fix(proxy): close project hijacking and key org IDOR (VERIA-55) by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27011](https://redirect.github.com/BerriAI/litellm/pull/27011)
- fix: honor key access\_group\_ids when team restricts models by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​26275](https://redirect.github.com/BerriAI/litellm/pull/26275)
- chore(auth): require trusted proxy for header identity auth by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26825](https://redirect.github.com/BerriAI/litellm/pull/26825)
- chore(sso): bind generic SSO state to a session cookie by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26944](https://redirect.github.com/BerriAI/litellm/pull/26944)
- \[Fix] Release Workflow: Detect SemVer-Style Pre-Release Dev Tags by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​26966](https://redirect.github.com/BerriAI/litellm/pull/26966)
- \[Infra] Merge dev branch by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27032](https://redirect.github.com/BerriAI/litellm/pull/27032)
- \[Test] Anthropic: Replace Legacy Claude-4-Sonnet Alias With Haiku 4.5
by [@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27031](https://redirect.github.com/BerriAI/litellm/pull/27031)
- fix(auth): support JWT issuer verification + warn when unscoped by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27008](https://redirect.github.com/BerriAI/litellm/pull/27008)
- fix(router): constrain same-name deployment routing by access groups
by [@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26161](https://redirect.github.com/BerriAI/litellm/pull/26161)
- fix(gemini): follow provider defaults for Gemini 3 thinking by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​25764](https://redirect.github.com/BerriAI/litellm/pull/25764)
- feat(mcp): enforce org-level MCP server and toolset permissions by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​26960](https://redirect.github.com/BerriAI/litellm/pull/26960)
- merge main by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27036](https://redirect.github.com/BerriAI/litellm/pull/27036)
- fix(guardrails): preserve responses event streams in presidio output
masking by [@​Sameerlite](https://redirect.github.com/Sameerlite)
in
[#​26878](https://redirect.github.com/BerriAI/litellm/pull/26878)
- chore(staging): roll oss\_staging\_04\_25\_2026 into internal staging
(output\_config fix + 4 upstream sync fixes) by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​26530](https://redirect.github.com/BerriAI/litellm/pull/26530)
- feat(vertex-ai): transform batch prediction outputs to OpenAI format
by [@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​25627](https://redirect.github.com/BerriAI/litellm/pull/25627)
- \[Fix] gpt-5.5 reasoning\_effort capability flags + add
supports\_low\_reasoning\_effort by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​26456](https://redirect.github.com/BerriAI/litellm/pull/26456)
- fix(anthropic,bedrock): omit thinking/output\_config when
reasoning\_effort="none" by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27039](https://redirect.github.com/BerriAI/litellm/pull/27039)
- fix(vertex-ai): set response=null on batch error entries per OpenAI
spec by [@​mateo-berri](https://redirect.github.com/mateo-berri)
in
[#​27041](https://redirect.github.com/BerriAI/litellm/pull/27041)
- test(responses): replace legacy `claude-4-sonnet-20250514` alias in
multiturn tool-call test by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27077](https://redirect.github.com/BerriAI/litellm/pull/27077)
- \[Fix] Remove unwanted metadata info from LangSmith by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​26894](https://redirect.github.com/BerriAI/litellm/pull/26894)
- \[Fix] Docker: Pin Wolfi And Uv To Multi-Arch Index Digests by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27123](https://redirect.github.com/BerriAI/litellm/pull/27123)
- feat(spend-logs): opt-in suppression of stack traces in spend-tracking
error logs by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​26899](https://redirect.github.com/BerriAI/litellm/pull/26899)
- feat(proxy): add support for Grafana Cloud Pyroscope authentication by
[@​harish-berri](https://redirect.github.com/harish-berri) in
[#​26902](https://redirect.github.com/BerriAI/litellm/pull/26902)
- chore(deps): refresh dependency locks by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27126](https://redirect.github.com/BerriAI/litellm/pull/27126)
- chore(team): require team-management role on /team/{id}/callback
endpoints by [@​stuxf](https://redirect.github.com/stuxf) in
[#​26819](https://redirect.github.com/BerriAI/litellm/pull/26819)
- chore(providers): guard URL-valued model destinations by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26915](https://redirect.github.com/BerriAI/litellm/pull/26915)
- chore(audit): audit-log /cache/settings +
/config\_overrides/hashicorp\_vault mutations by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26953](https://redirect.github.com/BerriAI/litellm/pull/26953)
- fix(auth): block missing write routes for proxy admin viewers by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27007](https://redirect.github.com/BerriAI/litellm/pull/27007)
- fix(proxy): scope team and agent activity endpoints per-entity
(VERIA-43) by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27014](https://redirect.github.com/BerriAI/litellm/pull/27014)
- fix(anthropic,bedrock,vertex): forward output\_config.effort + 400 on
garbage reasoning\_effort by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27074](https://redirect.github.com/BerriAI/litellm/pull/27074)
- fix(files): constrain cloud storage file paths (VERIA-45, VERIA-59) by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27019](https://redirect.github.com/BerriAI/litellm/pull/27019)
- fix(proxy): redact MCP server URL and headers for non-admin viewers
(VERIA-8) by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27027](https://redirect.github.com/BerriAI/litellm/pull/27027)
- \[Fix] Treat 0 team\_member\_budget as no cap by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27133](https://redirect.github.com/BerriAI/litellm/pull/27133)
- feat: routing groups by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27022](https://redirect.github.com/BerriAI/litellm/pull/27022)
- \[fix] fix metric labels for litellm-side rejects by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​26947](https://redirect.github.com/BerriAI/litellm/pull/26947)
- chore(proxy): close callback-config and observability-credential side
channels by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27081](https://redirect.github.com/BerriAI/litellm/pull/27081)
- fix(vector\_store): resolve embedding config at request time, never
persist creds by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27082](https://redirect.github.com/BerriAI/litellm/pull/27082)
- chore(caching): isolate semantic cache entries by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26990](https://redirect.github.com/BerriAI/litellm/pull/26990)
- chore(proxy): guard sensitive public endpoints by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26912](https://redirect.github.com/BerriAI/litellm/pull/26912)
- chore(guardrails): cover multimodal + Responses-API content shapes by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26957](https://redirect.github.com/BerriAI/litellm/pull/26957)
- chore(proxy): drop client-supplied pricing fields from request bodies
by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27071](https://redirect.github.com/BerriAI/litellm/pull/27071)
- feat: routing groups ui by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27131](https://redirect.github.com/BerriAI/litellm/pull/27131)
- fix(security): sandbox jinja2 in gitlab/arize/bitbucket prompt
managers by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27043](https://redirect.github.com/BerriAI/litellm/pull/27043)
- \[Fix] Tests: Replace deprecated openrouter/claude-3.7-sonnet with
claude-sonnet-4.5 by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27149](https://redirect.github.com/BerriAI/litellm/pull/27149)
- \[Infra] Merge dev branch by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27151](https://redirect.github.com/BerriAI/litellm/pull/27151)
- fix(proxy): isolate managed resources for service-account API keys by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27004](https://redirect.github.com/BerriAI/litellm/pull/27004)
- chore(proxy): tighten resource ownership checks by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​26951](https://redirect.github.com/BerriAI/litellm/pull/26951)
- fix(scim): revoke virtual keys when SCIM deprovisions a user by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​26861](https://redirect.github.com/BerriAI/litellm/pull/26861)
- fix(security): prevent secret\_fields from leaking into spend logs by
[@​krrish-berri-2](https://redirect.github.com/krrish-berri-2) in
[#​27143](https://redirect.github.com/BerriAI/litellm/pull/27143)
- feat(proxy): add health\_check\_reasoning\_effort for model health
checks by [@​Sameerlite](https://redirect.github.com/Sameerlite)
in
[#​27115](https://redirect.github.com/BerriAI/litellm/pull/27115)
- fix(azure): omit model from deployment image gen and image edit bodies
by [@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27103](https://redirect.github.com/BerriAI/litellm/pull/27103)
- \[Fix] CI: Enable VCR replay for test\_azure\_o\_series by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27165](https://redirect.github.com/BerriAI/litellm/pull/27165)
- \[Fix] Proxy: Break managed-resources import cycle on Python 3.13 by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27160](https://redirect.github.com/BerriAI/litellm/pull/27160)
- \[Infra] Build UI by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27156](https://redirect.github.com/BerriAI/litellm/pull/27156)
- \[Perf] CI: Skip Redundant Playwright Apt Install in E2E UI Job by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27169](https://redirect.github.com/BerriAI/litellm/pull/27169)
- \[Fix] Docker: Remove Hardcoded Prisma Binary Target For Multi-Arch
Builds by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27170](https://redirect.github.com/BerriAI/litellm/pull/27170)
- \[Fix] UI: Clear Admin Session Cookies Before Establishing Invited
User's Session by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27227](https://redirect.github.com/BerriAI/litellm/pull/27227)
- test: add 24hr Redis-backed VCR cache to additional test suites by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27159](https://redirect.github.com/BerriAI/litellm/pull/27159)
- \[Fix] Team UI: handle legacy dict shape for metadata.guardrails by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27224](https://redirect.github.com/BerriAI/litellm/pull/27224)
- \[Infra] Build UI by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27240](https://redirect.github.com/BerriAI/litellm/pull/27240)
- \[Infra] Bump deps by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27157](https://redirect.github.com/BerriAI/litellm/pull/27157)
- refactor(BaseAWSLLM): implement shared IAM cache and static credentia…
by [@​harish-berri](https://redirect.github.com/harish-berri) in
[#​27125](https://redirect.github.com/BerriAI/litellm/pull/27125)
- feat(realtime): OpenAI Realtime GA support and beta compatibility by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27110](https://redirect.github.com/BerriAI/litellm/pull/27110)
- fix: atomic TPM rate limit by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27001](https://redirect.github.com/BerriAI/litellm/pull/27001)
- helm: increase default probe timeouts, disable debug logging by
default by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27237](https://redirect.github.com/BerriAI/litellm/pull/27237)
- helm: skip proxy startup prisma db push when migrations Job is enabled
by [@​yassin-berriai](https://redirect.github.com/yassin-berriai)
in
[#​27200](https://redirect.github.com/BerriAI/litellm/pull/27200)
- fix(anthropic, mcp): sanitize tool names to match Anthropic's
\[a-zA-Z0-9\_-]{1,128} pattern by
[@​krrish-berri-2](https://redirect.github.com/krrish-berri-2) in
[#​26788](https://redirect.github.com/BerriAI/litellm/pull/26788)
- feat(audio\_transcription): add NVIDIA Riva STT provider by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27185](https://redirect.github.com/BerriAI/litellm/pull/27185)
- \[Test] Tests: Stop parametrizing API keys into pytest test IDs by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27249](https://redirect.github.com/BerriAI/litellm/pull/27249)
- fix(hosted\_vllm): normalize custom tools for chat completions by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​25763](https://redirect.github.com/BerriAI/litellm/pull/25763)
- ci(circleci): enable Rerun Failed Tests for all pytest jobs by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27155](https://redirect.github.com/BerriAI/litellm/pull/27155)
- \[Fix] Union x-litellm-tags with static team/key tags by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27247](https://redirect.github.com/BerriAI/litellm/pull/27247)
- fix: replace user api key auth with authorization or cookie for mcp
server creation by
[@​dennishenry](https://redirect.github.com/dennishenry) in
[#​27190](https://redirect.github.com/BerriAI/litellm/pull/27190)
- Include model name + configured TPM/RPM in priority rate-limit 429 er…
by [@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27216](https://redirect.github.com/BerriAI/litellm/pull/27216)
- Fix Prometheus custom metadata label counts
([#​27268](https://redirect.github.com/BerriAI/litellm/issues/27268))
by [@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27271](https://redirect.github.com/BerriAI/litellm/pull/27271)
- perf(proxy): run daily activity aggregation off the event loop by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27264](https://redirect.github.com/BerriAI/litellm/pull/27264)
- proxy: hot-reload config YAML when --reload is set by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27274](https://redirect.github.com/BerriAI/litellm/pull/27274)
- fix(proxy): keep spend log cleanup running after batch failures by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27303](https://redirect.github.com/BerriAI/litellm/pull/27303)
- Fix team member budget enforcement without user row by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27273](https://redirect.github.com/BerriAI/litellm/pull/27273)
- Fix SCIM user lookup filters by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27308](https://redirect.github.com/BerriAI/litellm/pull/27308)
- Fix/member access group team by
[@​dibyom](https://redirect.github.com/dibyom) in
[#​27317](https://redirect.github.com/BerriAI/litellm/pull/27317)
- Fix early proxy request size enforcement by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27311](https://redirect.github.com/BerriAI/litellm/pull/27311)
- Cap Prometheus end-user metric cardinality by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27272](https://redirect.github.com/BerriAI/litellm/pull/27272)
- Add new chat model metadata by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27313](https://redirect.github.com/BerriAI/litellm/pull/27313)
- Fix MCP DB reload partial failures by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27314](https://redirect.github.com/BerriAI/litellm/pull/27314)
- Fix Anthropic streaming reasoning token usage by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27319](https://redirect.github.com/BerriAI/litellm/pull/27319)
- Fix Vertex Anthropic streaming status error hangs by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27310](https://redirect.github.com/BerriAI/litellm/pull/27310)
- Add Azure Sentinel audit log support by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27280](https://redirect.github.com/BerriAI/litellm/pull/27280)
- \[Chore] CI: Assign test\_request\_size\_limit\_middleware To
Proxy-Runtime Shard by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27341](https://redirect.github.com/BerriAI/litellm/pull/27341)
- \[Chore] CI: Block PRs that drop overall code coverage by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27340](https://redirect.github.com/BerriAI/litellm/pull/27340)
- Fix Prometheus remaining metric zero values by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27348](https://redirect.github.com/BerriAI/litellm/pull/27348)
- Refactor Bedrock response stream shape handling by
[@​harish-berri](https://redirect.github.com/harish-berri) in
[#​27257](https://redirect.github.com/BerriAI/litellm/pull/27257)
- feat(xai): add grok-4.3 and grok-4.3-latest to
model\_prices\_and\_conte… by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27154](https://redirect.github.com/BerriAI/litellm/pull/27154)
- feat(xai): cherry-pick grok-4.3 model entries onto main
([#​27154](https://redirect.github.com/BerriAI/litellm/issues/27154))
by [@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27396](https://redirect.github.com/BerriAI/litellm/pull/27396)
- fix(proxy): run model-level post\_call guardrails on streaming
requests by
[@​michelligabriele](https://redirect.github.com/michelligabriele)
in
[#​26922](https://redirect.github.com/BerriAI/litellm/pull/26922)
- \[Fix] Allow non-admin compliance path reads by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27234](https://redirect.github.com/BerriAI/litellm/pull/27234)
- \[Fix] Tests: Reduce VCR cassette bloat and fix multipart caching by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27409](https://redirect.github.com/BerriAI/litellm/pull/27409)
- \[Feat] Decouple S3 audit-log config via s3\_audit\_callback\_params
by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27222](https://redirect.github.com/BerriAI/litellm/pull/27222)
- Fix Bedrock passthrough call ID headers by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27412](https://redirect.github.com/BerriAI/litellm/pull/27412)
- fix(chat-completions): decode unified file\_id when
model\_file\_id\_mapping is unavailable by
[@​michelligabriele](https://redirect.github.com/michelligabriele)
in
[#​27406](https://redirect.github.com/BerriAI/litellm/pull/27406)
- \[litellm-agent] Staging → litellm\_internal\_staging (5/7/2026) by
[@​oss-pr-review-agent-shin](https://redirect.github.com/oss-pr-review-agent-shin)\[bot]
in
[#​27375](https://redirect.github.com/BerriAI/litellm/pull/27375)
- feat(auth): add scope and wildcard support for JWT routing overrides
by [@​milan-berri](https://redirect.github.com/milan-berri) in
[#​26325](https://redirect.github.com/BerriAI/litellm/pull/26325)
- feat(mcp): add OBO MCP Auth by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27421](https://redirect.github.com/BerriAI/litellm/pull/27421)
- \[Fix] Realtime Tests: Update Deprecated OpenAI Model Pin by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27415](https://redirect.github.com/BerriAI/litellm/pull/27415)
- \[Infra] Packaging: Relax Core Runtime Pins To Ranges by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27241](https://redirect.github.com/BerriAI/litellm/pull/27241)
- fix: remove separate health app by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27430](https://redirect.github.com/BerriAI/litellm/pull/27430)
- test(interactions): align openapi compliance with upstream rename
outputs->steps by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27432](https://redirect.github.com/BerriAI/litellm/pull/27432)
- \[Security] Clear AWS Inspector CVE findings on Docker image by
[@​stuxf](https://redirect.github.com/stuxf) in
[#​27225](https://redirect.github.com/BerriAI/litellm/pull/27225)
- \[Infra] Merge dev branch by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27433](https://redirect.github.com/BerriAI/litellm/pull/27433)
- \[Infra] Bump versions by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27431](https://redirect.github.com/BerriAI/litellm/pull/27431)
- chore: merge main into internal\_staging to restore lineage by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27437](https://redirect.github.com/BerriAI/litellm/pull/27437)
- \[Infra] Promote Internal Staging to main by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27436](https://redirect.github.com/BerriAI/litellm/pull/27436)
- fix(ui): URL-encode team\_id in teamInfoCall to handle special
characters by [@​SHARP155](https://redirect.github.com/SHARP155)
in
[#​27466](https://redirect.github.com/BerriAI/litellm/pull/27466)
- Fix team model test connection authorization by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27487](https://redirect.github.com/BerriAI/litellm/pull/27487)
- Fix: add OpenRouter Qwen 3.6 Plus metadata by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27486](https://redirect.github.com/BerriAI/litellm/pull/27486)
- feat(sso): show full IdP claims in /sso/debug/callback by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27498](https://redirect.github.com/BerriAI/litellm/pull/27498)
- \[Feat] Honor OTEL\_INSTRUMENTATION\_GENAI\_CAPTURE\_MESSAGE\_CONTENT
by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27403](https://redirect.github.com/BerriAI/litellm/pull/27403)
- fix(proxy): point /metrics 401 at the opt-out flag by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27502](https://redirect.github.com/BerriAI/litellm/pull/27502)
- feat: separate db read and write endpoints by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27493](https://redirect.github.com/BerriAI/litellm/pull/27493)
- \[UI] Rename "Default" key type to "Full Access" and reorder dropdown
by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27218](https://redirect.github.com/BerriAI/litellm/pull/27218)
- fix(proxy): flush virtual-key model\_max budget spend to Redis after
success logging by
[@​milan-berri](https://redirect.github.com/milan-berri) in
[#​27334](https://redirect.github.com/BerriAI/litellm/pull/27334)
- fix(realtime): add /openai/v1/realtime to routes for logging by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27323](https://redirect.github.com/BerriAI/litellm/pull/27323)
- fix(proxy): bound budget reservation per request instead of pinning to
headroom by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27509](https://redirect.github.com/BerriAI/litellm/pull/27509)
- fix(ui-tests): add Typography to antd mock in create\_key\_button test
by [@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27537](https://redirect.github.com/BerriAI/litellm/pull/27537)
- fix(mcp): forward extra\_headers for OpenAPI MCP tools by
[@​milan-berri](https://redirect.github.com/milan-berri) in
[#​27383](https://redirect.github.com/BerriAI/litellm/pull/27383)
- \[Feat] Add endpoint for bulk key updates for team by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​26468](https://redirect.github.com/BerriAI/litellm/pull/26468)
- feat(guardrails): optional skip tool message in unified guardrail
inputs by
[@​shivamrawat1](https://redirect.github.com/shivamrawat1) in
[#​27441](https://redirect.github.com/BerriAI/litellm/pull/27441)
- Fix/shared health check polling by
[@​noahnistler](https://redirect.github.com/noahnistler) in
[#​26434](https://redirect.github.com/BerriAI/litellm/pull/26434)
- fix(proxy): resolve provider from deployment for multi-provider
defaultconfig
([#​27516](https://redirect.github.com/BerriAI/litellm/issues/27516))
by [@​Anai-Guo](https://redirect.github.com/Anai-Guo) in
[#​27517](https://redirect.github.com/BerriAI/litellm/pull/27517)
- fix(bedrock/messages): preserve compact\_20260112 context\_management
on /v1/messages by
[@​Anai-Guo](https://redirect.github.com/Anai-Guo) in
[#​27534](https://redirect.github.com/BerriAI/litellm/pull/27534)
- fix(router): register model info under responses/-stripped variant by
[@​krisxia0506](https://redirect.github.com/krisxia0506) in
[#​27531](https://redirect.github.com/BerriAI/litellm/pull/27531)
- fix(ui): remove blank leading entry from access group model dropdown
by
[@​Bytechoreographer](https://redirect.github.com/Bytechoreographer)
in
[#​27521](https://redirect.github.com/BerriAI/litellm/pull/27521)
- fix(proxy): coerce non-str x-litellm-\* header values to avoid httpx
TypeError
([#​27458](https://redirect.github.com/BerriAI/litellm/issues/27458))
by [@​Anai-Guo](https://redirect.github.com/Anai-Guo) in
[#​27504](https://redirect.github.com/BerriAI/litellm/pull/27504)
- chore: remove legacy deployment artifacts and litellm-js packages by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27541](https://redirect.github.com/BerriAI/litellm/pull/27541)
- build(packaging): raise jinja2 floor to 3.1.6 by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27552](https://redirect.github.com/BerriAI/litellm/pull/27552)
- Fix proxy auth status code tests by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27555](https://redirect.github.com/BerriAI/litellm/pull/27555)
- \[Fix] Reset proxy budget when initial reset duration is null then
updated by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27488](https://redirect.github.com/BerriAI/litellm/pull/27488)
- feat: add ability to auth to azure with token by
[@​shivamrawat1](https://redirect.github.com/shivamrawat1) in
[#​27556](https://redirect.github.com/BerriAI/litellm/pull/27556)
- \[Infra] Promote Internal Staging to main by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27559](https://redirect.github.com/BerriAI/litellm/pull/27559)
- \[Fix] Reset org and tag budgets by
[@​Michael-RZ-Berri](https://redirect.github.com/Michael-RZ-Berri)
in
[#​27326](https://redirect.github.com/BerriAI/litellm/pull/27326)
- Fix: tag budget reset must drop stale management-cache entry by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27568](https://redirect.github.com/BerriAI/litellm/pull/27568)
- fix(ui): omit allowed\_routes from key edit save when unchanged by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27553](https://redirect.github.com/BerriAI/litellm/pull/27553)
- \[litellm-agent] Staging → litellm\_internal\_staging (5/6/2026) by
[@​oss-pr-review-agent-shin](https://redirect.github.com/oss-pr-review-agent-shin)\[bot]
in
[#​27256](https://redirect.github.com/BerriAI/litellm/pull/27256)
- \[litellm-agent] Staging → litellm\_internal\_staging (5/7/2026) by
[@​oss-pr-review-agent-shin](https://redirect.github.com/oss-pr-review-agent-shin)\[bot]
in
[#​27422](https://redirect.github.com/BerriAI/litellm/pull/27422)
- \[litellm-agent] Staging → litellm\_internal\_staging (5/9/2026) by
[@​oss-pr-review-agent-shin](https://redirect.github.com/oss-pr-review-agent-shin)\[bot]
in
[#​27549](https://redirect.github.com/BerriAI/litellm/pull/27549)
- chore: remove accidental .evidence folder by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27633](https://redirect.github.com/BerriAI/litellm/pull/27633)
- merge main by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27658](https://redirect.github.com/BerriAI/litellm/pull/27658)
- fix(anthropic): inject dummy tool without modify\_params by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27620](https://redirect.github.com/BerriAI/litellm/pull/27620)
- fix(responses): normalize chat tool\_choice for completions→responses
bridge by [@​Sameerlite](https://redirect.github.com/Sameerlite)
in
[#​27634](https://redirect.github.com/BerriAI/litellm/pull/27634)
- Fix internal tag usage scoping by
[@​ishaan-berri](https://redirect.github.com/ishaan-berri) in
[#​27315](https://redirect.github.com/BerriAI/litellm/pull/27315)
- fix(openai): route reasoningSummary for gpt-5.4+ chat without tools to
Responses API by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27618](https://redirect.github.com/BerriAI/litellm/pull/27618)
- feat(batch-job): bedrock batch model invocation job retrieval by
[@​dgu1-godaddy](https://redirect.github.com/dgu1-godaddy) in
[#​26834](https://redirect.github.com/BerriAI/litellm/pull/26834)
- \[litellm-agent] Staging → litellm\_internal\_staging (5/11/2026) by
[@​oss-pr-review-agent-shin](https://redirect.github.com/oss-pr-review-agent-shin)\[bot]
in
[#​27677](https://redirect.github.com/BerriAI/litellm/pull/27677)
- ci: add manually-triggered mutation testing workflow by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27576](https://redirect.github.com/BerriAI/litellm/pull/27576)
- Add Bedrock Claude Platform route by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27678](https://redirect.github.com/BerriAI/litellm/pull/27678)
- \[Feature] UI - Logs: Add 'Last Minute' to time-range quick select by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27446](https://redirect.github.com/BerriAI/litellm/pull/27446)
- fix(ci): unbreak realtime + bedrock batch tests by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27690](https://redirect.github.com/BerriAI/litellm/pull/27690)
- Litellm shin agent oss staging 05 10 2026 by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27631](https://redirect.github.com/BerriAI/litellm/pull/27631)
- fix(router): pin Responses API affinity to Azure resource on
model-group switch by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27703](https://redirect.github.com/BerriAI/litellm/pull/27703)
- Add pricing for openai/gpt-realtime-2 by
[@​superpoussin22](https://redirect.github.com/superpoussin22) in
[#​27653](https://redirect.github.com/BerriAI/litellm/pull/27653)
- Match litellm.completion supported model parameters with proxy model
info by [@​jyeros](https://redirect.github.com/jyeros) in
[#​27720](https://redirect.github.com/BerriAI/litellm/pull/27720)
- feat(ui): add Expires to key Overview header; merge User into one
field by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27696](https://redirect.github.com/BerriAI/litellm/pull/27696)
- feat(ui): search teams by team ID alongside name by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27684](https://redirect.github.com/BerriAI/litellm/pull/27684)
- fix(tests): use canonical litellm\_enterprise import path by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27699](https://redirect.github.com/BerriAI/litellm/pull/27699)
- fix(tests): swap dall-e to gpt-image-1 after openai deprecation by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27787](https://redirect.github.com/BerriAI/litellm/pull/27787)
- fix(proxy): always merge caller-supplied tags into request metadata by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27784](https://redirect.github.com/BerriAI/litellm/pull/27784)
- chore: reject bare str at file-input sinks to prevent local-file read
by [@​krrish-berri-2](https://redirect.github.com/krrish-berri-2)
in
[#​27762](https://redirect.github.com/BerriAI/litellm/pull/27762)
- feat(ui): add Vertex AI Search as vector store provider by
[@​ryan-crabbe-berri](https://redirect.github.com/ryan-crabbe-berri)
in
[#​27790](https://redirect.github.com/BerriAI/litellm/pull/27790)
- Litellm key rotation bug by
[@​harish-berri](https://redirect.github.com/harish-berri) in
[#​27756](https://redirect.github.com/BerriAI/litellm/pull/27756)
- chore(proxy): close /key/regenerate ownership-rebind + premium-gate
bypass by [@​stuxf](https://redirect.github.com/stuxf) in
[#​27793](https://redirect.github.com/BerriAI/litellm/pull/27793)
- fix: OpenTelemetry tracing bugs in proxy integration by
[@​yassin-berriai](https://redirect.github.com/yassin-berriai) in
[#​27757](https://redirect.github.com/BerriAI/litellm/pull/27757)
- fix: enforce tag budgets on x-litellm-tags header requests by
[@​shivamrawat1](https://redirect.github.com/shivamrawat1) in
[#​27573](https://redirect.github.com/BerriAI/litellm/pull/27573)
- \[Infra] Merge dev branch by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27798](https://redirect.github.com/BerriAI/litellm/pull/27798)
- \[Infra] Build UI by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27805](https://redirect.github.com/BerriAI/litellm/pull/27805)
- \[Fix] Replace deprecated dall-e-3 with gpt-image-1 in tests by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27813](https://redirect.github.com/BerriAI/litellm/pull/27813)
- \[Fix] Lazy feature loading under SERVER\_ROOT\_PATH returns 404 by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27812](https://redirect.github.com/BerriAI/litellm/pull/27812)
- \[Infra] Promote internal staging to main by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27815](https://redirect.github.com/BerriAI/litellm/pull/27815)
- fix(gemini): normalize response\_schema on native generateContent by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27775](https://redirect.github.com/BerriAI/litellm/pull/27775)
- fix(responses): register cooldowns on failure + fail fast on stale
encrypted\_content by
[@​mateo-berri](https://redirect.github.com/mateo-berri) in
[#​27820](https://redirect.github.com/BerriAI/litellm/pull/27820)
- feat(proxy): skip disable\_background\_health\_check models on GET
/health when flag set by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27716](https://redirect.github.com/BerriAI/litellm/pull/27716)
- fix(bedrock-converse): drop blank-text fallback for empty thinking
blocks by [@​mateo-berri](https://redirect.github.com/mateo-berri)
in
[#​27850](https://redirect.github.com/BerriAI/litellm/pull/27850)
- fix(mcp): surface upstream 401 for token-forwarding MCP servers by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27847](https://redirect.github.com/BerriAI/litellm/pull/27847)
- fix(cost): align vertex\_ai/gemini-embedding-2-preview with Vertex
multimodal pricing by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27848](https://redirect.github.com/BerriAI/litellm/pull/27848)
- feat(mcp): add delegate\_auth\_to\_upstream flag for PKCE passthrough
by [@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27834](https://redirect.github.com/BerriAI/litellm/pull/27834)
- fix(responses): preserve cache\_control in Responses API -> Chat
Completion transformation by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27727](https://redirect.github.com/BerriAI/litellm/pull/27727)
- fix(proxy): expose db status on public /health/readiness by
[@​yuneng-berri](https://redirect.github.com/yuneng-berri) in
[#​27866](https://redirect.github.com/BerriAI/litellm/pull/27866)
- docs(budget\_manager): add docstring to BudgetManager.reset\_cost by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27867](https://redirect.github.com/BerriAI/litellm/pull/27867)
- docs: add class docstring to \_LoopWrapper by
[@​oss-agent-shin](https://redirect.github.com/oss-agent-shin) in
[#​27870](https://redirect.github.com/BerriAI/litellm/pull/27870)
- fix: Fix Redis Sentinel client handling to solve authentication error…
by [@​krrish-berri-2](https://redirect.github.com/krrish-berri-2)
in
[#​26302](https://redirect.github.com/BerriAI/litellm/pull/26302)
- Litellm agent oss staging 05 11 2026 by
[@​Sameerlite](https://redirect.github.com/Sameerlite) in
[#​27733](https://redirect.github.com/BerriAI/litellm/pull/27733)
- Ishaan - May 13th Staging LiteLLM by [@​ish
> ✂ **Note**
>
> PR body was truncated to here.
</details>
---
### Configuration
📅 **Schedule**: (in timezone Etc/UTC)
- Branch creation
- Between 12:00 AM and 06:59 AM, only on Saturday (`* 0-6 * * 6`)
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/Aureliolo/synthorg).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xODUuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE4NS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJ0eXBlOmNob3JlIl19-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> feat: work pipeline spine (#1960) (#2013)
## Summary
Composes the single coherent path from "work enters" to "agents execute
it":
`intake -> projects -> decompose (solo-vs-team verdict) -> solo OR team
execute
-> coordination metrics`. This is the gateway child of EPIC #1955 and
the
single integration point every entry adapter (#1962/#1963/#1964/#1968)
will
feed via a typed `WorkItem`.
The pieces existed (IntakeEngine, DecompositionService,
MultiAgentCoordinator,
CoordinationMetricsCollector, simulation harness) but nothing composed
them,
and the solo-vs-team decision had no owner. This PR adds that spine and
the
owner.
## What changed
New `src/synthorg/engine/pipeline/` package (pluggable per the project
rule):
- `WorkItem` / `WorkPipelineResult` / `WorkPhaseResult` frozen models +
`WorkSource` / `RoutingVerdict` / `ExecutionPath` enums.
- `WorkRoutingPolicy` protocol + three strategies (`leaf-threshold`
default,
`always-team`, `llm-judged`) + `build_work_routing_policy` factory,
owned by
the decomposition layer. The solo-vs-team decision is internal and
automatic; never a user choice.
- `DefaultWorkPipeline` (the spine) + `build_work_pipeline` factory.
- `WorkPipelineError` hierarchy (intake-rejected 422 / project-not-found
404 /
routing-undecidable 500 / team-path-unavailable 503).
- `observability/events/pipeline.py` event constants.
Boot wiring:
- `RuntimeServices` extended to a 3-tuple sharing ONE boot `AgentEngine`
and
ONE `AgentTaskScorer` across the coordinator and the spine.
- `AppState.work_pipeline` seam mirroring `coordinator`; installed by
the
existing `_install_runtime_services` hook (once-only, injection-over-
autowire); hot-swapped on `post_setup_reinit`.
- New `coordination.routing_policy` /
`coordination.leaf_subtask_threshold`
settings, resolved at boot.
Leaf work runs single-agent via `worker_execution_service`; splittable
work
runs the coordinator. Empty-company / no-intake paths return cleanly (no
silent degradation).
## Decisions
Architecture decisions were taken via the decision protocol: new
`engine/pipeline/` package; pluggable `WorkRoutingPolicy` owned by the
decomposition layer; leaf bypasses the coordinator (with one shared
scorer);
typed `WorkItem` entry contract; single PR.
## Validation
- Unit: models, errors, policy (3 strategies + factory), service branch
selection, runtime-builder 3-tuple + shared-scorer identity, AppState
seam.
- Acceptance under the simulation harness (deterministic, zero LLM):
`tests/e2e/test_work_pipeline_spine_e2e.py` exercises both the solo and
the
team branch through `work_pipeline.run`, asserting a
`CoordinationMetricsRecord` lands for the team path.
- Full unit suite, ruff, ruff-format, mypy strict, and all convention
gates
green.
## Manifest discipline (CORE)
`build_work_pipeline` added to `scripts/_ghost_wiring_manifest.txt` as
`ENFORCED`; the `no-ghost-wiring` gate passes.
## Security
The `llm-judged` routing policy wraps task content with the shared
`TAG_TASK_DATA` tag and appends `untrusted_content_directive(...)` to
its
system prompt, so a crafted task title/description cannot inject routing
instructions (SEC-1).
## Deviation from plan (justified)
Did not add a redundant `(WorkPipelineError, handle_domain_error)` entry
to
`exception_handlers.py`: the existing `(DomainError,
handle_domain_error)`
catch-all already dispatches every subclass via MRO, so the line would
be
dead duplication.
Closes #1960 Latest Branches
0%
release-please--branches--main--components--synthorg 0%
0%
© 2026 CodSpeed Technology