The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
litellm	Ready	Preview, Comment	Mar 25, 2026 0:59am

Greptile Summary

This PR makes documentation-only edits to the March 2026 security incident blog post. It adds a bold callout clarifying that LiteLLM AI Gateway/Proxy Docker image users were not impacted, fixes inconsistent capitalization in the "Audit version history" checklist, renames several occurrences of "LiteLLM" to "LiteLLM AI Gateway", and removes the TLDR and Overview headings (promoting the overview paragraph to the top level).

Key changes:

• Added **LiteLLM AI Gateway/Proxy users:** callout paragraph above the "not affected" bullet list for visibility.
• Capitalised Local environments and Deployment logs in the audit checklist for consistency.
• Replaced LiteLLM with LiteLLM AI Gateway in the opening paragraph, affected-version descriptions, and the "Response and remediation" section.
• Removed the TLDR section — the release-pause statement it contained ("We are pausing new LiteLLM releases…") no longer appears anywhere in the document, which may leave readers without up-to-date guidance on release safety.

Confidence Score: 4/5

• Safe to merge — documentation-only change with no code impact, though one informational gap should be addressed.
• All changes are confined to a single Markdown blog post. The additions and capitalization fixes are correct and improve clarity. The only concern is the silent removal of the "pausing new releases" statement from the TLDR, which could leave readers without important status information. This warrants a fix before publishing but does not block the repository in any functional sense.
• docs/my-website/blog/security_update_march_2026/index.md — verify the release-pause statement removal is intentional and, if so, add an explicit status update in its place.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Reader visits security blog post] --> B{How do you run LiteLLM?}
    B --> C[Official Docker image\nghcr.io/berriai/litellm]
    B --> D[LiteLLM Cloud]
    B --> E[pip install litellm\nor transitive dependency]
    B --> F[Source install from GitHub]

    C --> G["✅ NOT affected\n(pins deps in requirements.txt,\ndoes not use PyPI packages)"]
    D --> G
    F --> G

    E --> H{Was v1.82.7 or v1.82.8\ninstalled between\n10:39–16:00 UTC Mar 24?}
    H -->|No| G
    H -->|Yes| I["⚠️ AFFECTED\nRotate secrets, remove\nlitellm_init.pth, audit logs"]

_{Reviews (2): Last reviewed commit: "Merge branch 'main' into worktree-tingly..." | Re-trigger Greptile}

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ ishaan-jaff
❌ ishaan-berri
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

Merging this PR will not alter performance

✅ 16 untouched benchmarks

_{Comparing worktree-tingly-jumping-lovelace (e92edee) with main (4571f2a)¹}