v1.89.4 - Vertex Batch Uploads & CVE Patches
An earlier version of this note flagged a potential throughput regression. We investigated and could not confirm or reproduce any regression in the released version. The one report we received came from a deployment running custom code on top of what we shipped, and our testing points to those changes, not LiteLLM, as the likely cause.
Correctness and error rates were never affected. If you're on this version, there's nothing you need to do.
We're still monitoring incoming reports and will update this note if anything changes.
Deploy this version​
- Docker
- Pip
docker run \
-e STORE_MODEL_IN_DB=True \
-p 4000:4000 \
docker.litellm.ai/berriai/litellm:1.89.4
pip install litellm==1.89.4
v1.89.4 is a patch release on top of v1.89.3. It streams OpenAI→Vertex batch JSONL uploads instead of buffering them in memory, backports cost-tracking recovery for interrupted Anthropic streams, adds a no-mcp-servers sentinel that scopes a key to zero MCP servers, and clears the remaining OSV-flagged CVEs with OpenSSL and dependency bumps. The bundled litellm-enterprise package is bumped to 0.1.42.post2.
What's Changed​
- fix(passthrough): recover output tokens for interrupted anthropic streams - PR #30787
- fix(proxy): record partial spend on the failure row for interrupted streams - PR #30788
- feat(mcp): scope a key to zero MCP servers with no-mcp-servers sentinel - PR #31029
- fix(passthrough,streaming): recover cost on interrupted and agentic Anthropic streams - PR #31035
- fix(vertex/files): stream OpenAI->Vertex batch JSONL uploads - PR #31036
- fix(deps): bump osv-flagged dependencies to clear known CVEs - PR #31122
- fix(docker): bump wolfi-base digest to patch openssl CVE-2026-34182 - PR #31133
Full Changelog​
https://github.com/BerriAI/litellm/compare/v1.89.3...v1.89.4