bump-up-litellm

[tisnik]

Description

bump-up-litellm

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement
• Benchmarks improvement

Tools used to create PR

• Assisted-by: N/A
• Generated by: N/A

Related Tickets & Documents

• Related Issue #

Summary by CodeRabbit

• Chores
  • Updated a pinned dependency version to a newer patch release.

[coderabbitai]

Warning

Review limit reached

@tisnik, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 50 minutes and 37 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses rolling per-developer review limits. Reviews become available again as older review attempts age out of the rolling limit window.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: b91e9293-13cf-4cda-842f-d9f67a2354f2

📥 Commits

Reviewing files that changed from the base of the PR and between 3ab8f23 and 0bb9b31.

📒 Files selected for processing (1)

• .konflux/requirements.hashes.source.txt

Walkthrough

The pinned version of litellm in .konflux/requirements.hashes.source.txt is updated from 1.83.7 to 1.83.10. No other dependencies or entries are changed.

Changes

litellm Dependency Bump

Layer / File(s)	Summary
litellm pin update .konflux/requirements.hashes.source.txt	litellm version pin incremented from 1.83.7 to 1.83.10.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'bump-up-litellm' directly describes the main change of updating the litellm dependency from version 1.83.7 to 1.83.10.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.konflux/requirements.hashes.source.txt:
- Line 545: Update the litellm package version from 1.83.10 to 1.83.14-stable in
the requirements.hashes.source.txt file. Locate the line containing
litellm==1.83.10 and change the version number to 1.83.14-stable to address the
three unpatched authorization and privilege escalation vulnerabilities
(CVE-2026-47101, CVE-2026-47102, and CVE-2026-40217) that are fixed in the newer
version.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 7c83100e-8301-4dd7-aed4-24f70176127b

📥 Commits

Reviewing files that changed from the base of the PR and between 8b34c51 and 3ab8f23.

📒 Files selected for processing (1)

• .konflux/requirements.hashes.source.txt

📜 Review details

⏰ Context from checks skipped due to timeout. (17)

• GitHub Check: Pylinter
• GitHub Check: build-pr
• GitHub Check: black
• GitHub Check: unit_tests (3.12)
• GitHub Check: spectral
• GitHub Check: mypy
• GitHub Check: radon
• GitHub Check: E2E: server mode / ci / group 2
• GitHub Check: E2E: library mode / ci / group 1
• GitHub Check: E2E: server mode / ci / group 3
• GitHub Check: E2E: library mode / ci / group 3
• GitHub Check: E2E: server mode / ci / group 1
• GitHub Check: E2E: library mode / ci / group 2
• GitHub Check: E2E Tests for Lightspeed Evaluation job
• GitHub Check: Pyright
• GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-0-6-on-pull-request
• GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-on-pull-request

[coderabbitai]

🔒 Security & Privacy | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify litellm and aiohttp versions in the pinned hashes
rg 'litellm==|aiohttp==' .konflux/requirements.hashes.source.txt -A 1

Repository: lightspeed-core/lightspeed-stack

Length of output: 380

---

🏁 Script executed:

#!/bin/bash
# Check if pyproject.toml specifies litellm or aiohttp version constraints
if [ -f pyproject.toml ]; then
  echo "=== pyproject.toml litellm/aiohttp constraints ==="
  rg 'litellm|aiohttp' pyproject.toml -B 2 -A 2
fi

# Check if there's a uv.lock file
if [ -f uv.lock ]; then
  echo "=== uv.lock for litellm and aiohttp ==="
  rg 'name = "(litellm|aiohttp)"' uv.lock -A 5
fi

Repository: lightspeed-core/lightspeed-stack

Length of output: 3224

---

🌐 Web query:

litellm 1.83.10 vs 1.83.14 security vulnerabilities CVE differences

💡 Result:

The differences between LiteLLM v1.83.10 and v1.83.14 regarding security vulnerabilities center on critical authorization and privilege escalation flaws that were addressed in the latter version. While v1.83.10 had already patched some earlier vulnerabilities (such as SQL injection in CVE-2026-42208 and SSTI in CVE-2026-42203, both fixed in v1.83.7), it remained vulnerable to issues that were not resolved until v1.83.14 [1][2][3]. Key security differences: 1. Vulnerabilities present in v1.83.10: - CVE-2026-47101: An authorization bypass via the allowed_routes field during API key generation [4][1]. This allowed attackers to gain unauthorized access to restricted routes by specifying routes outside their permitted scope [4][5]. - CVE-2026-47102: A privilege escalation vulnerability via the /user/update endpoint, which allowed a user to modify their own user_role to proxy_admin, granting full administrative access [6][1]. - CVE-2026-40217: A sandbox escape vulnerability related to executing guardrails [1][5]. 2. Improvements in v1.83.14: - Version 1.83.14 includes the fixes for CVE-2026-47101, CVE-2026-47102, and CVE-2026-40217 [1]. - By upgrading to v1.83.14, users mitigate the authorization and privilege escalation risks that were present in v1.83.10 [1]. It is important to note that LiteLLM has faced a series of high-severity vulnerabilities throughout the first half of 2026 [1][7]. While v1.83.14 addresses the specific CVEs mentioned above, security researchers have identified subsequent, complex chains (such as those involving Jinja2 SSTI and environment variable leaks) that were addressed in even later versions like v1.84.0 and beyond [8][9]. Therefore, users are generally advised to keep their LiteLLM installation updated to the latest stable release to maintain a hardened security posture [1].

Citations:

• 1: https://www.danilchenko.dev/posts/litellm-vulnerability/
• 2: GHSA-r75f-5x8p-qvmc
• 3: GHSA-xqmj-j6mv-4862
• 4: https://security.snyk.io/vuln/SNYK-PYTHON-LITELLM-16795355
• 5: https://app.opencve.io/cve/?product=litellm&vendor=berriai
• 6: https://security.snyk.io/vuln/SNYK-PYTHON-LITELLM-16795354
• 7: https://radicalnotion.ai/vendor/litellm
• 8: https://mccaulay.co.uk/rcelitellm-litellm-1-83-14-chaining-an-environment-variable-leak-with-jinja2-ssti-for-remote-code-execution/
• 9: GHSA-4xpc-pv4p-pm3w

---

⚠️ Litellm 1.83.10 contains unpatched authorization and privilege escalation vulnerabilities that are fixed in 1.83.14

Litellm 1.83.10 remains vulnerable to three critical CVEs fixed in v1.83.14:

• CVE-2026-47101: Authorization bypass via allowed_routes field during API key generation, allowing attackers to access restricted routes
• CVE-2026-47102: Privilege escalation via /user/update endpoint, allowing users to modify user_role to proxy_admin (full admin access)
• CVE-2026-40217: Sandbox escape vulnerability in custom-code guardrail execution

Consider bumping to 1.83.14-stable (released Apr 25, 2026) to address these vulnerabilities, as the current pyproject.toml constraint litellm>=1.83.7 allows this upgrade. While this PR fixes older SQL injection vulnerabilities (CVE-2026-42208), it leaves these authorization and escalation flaws unpatched.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.konflux/requirements.hashes.source.txt at line 545, Update the litellm
package version from 1.83.10 to 1.83.14-stable in the
requirements.hashes.source.txt file. Locate the line containing litellm==1.83.10
and change the version number to 1.83.14-stable to address the three unpatched
authorization and privilege escalation vulnerabilities (CVE-2026-47101,
CVE-2026-47102, and CVE-2026-40217) that are fixed in the newer version.