google
diff --git a/‎.github/.release-please-manifest.json‎
Lines changed: 1 addition & 1 deletion b/‎.github/.release-please-manifest.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/release-please-config.json‎
Lines changed: 1 addition & 1 deletion b/‎.github/release-please-config.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎CHANGELOG.md‎
Lines changed: 10 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎pyproject.toml‎
Lines changed: 2 additions & 2 deletions b/‎pyproject.toml‎
Lines changed: 2 additions & 2 deletions
@@ -1,3 +1,3 @@
 {
-  ".": "1.27.2"
+  ".": "1.27.4"
 }
@@ -1,6 +1,6 @@
 {
   "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json",
-  "last-release-sha": "7b94a767337e0d642e808734608f07a70e077c62",
+  "last-release-sha": "066fcec3e8e669d1c5360e1556afce3f7e068072",
   "packages": {
     ".": {
       "release-type": "python",
 
@@ -1,5 +1,15 @@
 # Changelog
 
+## [1.27.4](https://github.com/google/adk-python/compare/v1.27.3...v1.27.4) (2026-03-24)
+### Bug Fixes
+
+* Exclude compromised LiteLLM versions from dependencies pin to 1.82.6 ([fa5e707](https://github.com/google/adk-python/commit/fa5e707c11ad748e7db2f653b526d9bdc4b7d405))
+* gate builder endpoints behind web flag ([44b3f72](https://github.com/google/adk-python/commit/44b3f72d8f4ee09461d0acd8816149e801260b84))
+
+## [1.27.3](https://github.com/google/adk-python/compare/v1.27.2...v1.27.3) (2026-03-23)
+### Bug Fixes
+  * add protection for arbitrary module imports ([276adfb](https://github.com/google/adk-python/commit/276adfb7ad552213c0201a3c95efbc9876bf3b66))
+
 ## [1.27.2](https://github.com/google/adk-python/compare/v1.27.1...v1.27.2) (2026-03-17)
 ### Bug Fixes
   * Use valid dataplex OAuth scope for BigQueryToolset ([4010716](https://github.com/google/adk-python/commit/4010716470fc83918dc367c5971342ff551401c8))
 
@@ -126,7 +126,7 @@ test = [
   "kubernetes>=29.0.0",                           # For GkeCodeExecutor
   "langchain-community>=0.3.17",
   "langgraph>=0.2.60, <0.4.8",                    # For LangGraphAgent
-  "litellm>=1.75.5, <2.0.0",                      # For LiteLLM tests
+  "litellm>=1.75.5, <=1.82.6",                      # For LiteLLM tests. Upper bound pinned: versions 1.82.7+ compromised in supply chain attack.
   "llama-index-readers-file>=0.4.0",              # For retrieval tests
   "openai>=1.100.2",                              # For LiteLLM
   "opentelemetry-instrumentation-google-genai>=0.3b0, <1.0.0",
@@ -160,7 +160,7 @@ extensions = [
   "kubernetes>=29.0.0",                         # For GkeCodeExecutor
   "k8s-agent-sandbox>=0.1.1.post3",             # For GkeCodeExecutor sandbox mode
   "langgraph>=0.2.60, <0.4.8",                  # For LangGraphAgent
-  "litellm>=1.75.5, <2.0.0",                    # For LiteLlm class. Currently has OpenAI limitations. TODO: once LiteLlm fix it
+  "litellm>=1.75.5, <=1.82.6",                    # For LiteLlm class. Upper bound pinned: versions 1.82.7+ compromised in supply chain attack.
   "llama-index-readers-file>=0.4.0",            # For retrieval using LlamaIndex.
   "llama-index-embeddings-google-genai>=0.3.0", # For files retrieval using LlamaIndex.
   "lxml>=5.3.0",                                # For load_web_page tool.
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`{`
`2`		`- ".": "1.27.2"`
	`2`	`+ ".": "1.27.4"`
`3`	`3`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json",`
`3`		`- "last-release-sha": "7b94a767337e0d642e808734608f07a70e077c62",`
	`3`	`+ "last-release-sha": "066fcec3e8e669d1c5360e1556afce3f7e068072",`
`4`	`4`	`"packages": {`
`5`	`5`	`".": {`
`6`	`6`	`"release-type": "python",`