V1.83 stable ydh

Dockerfile

@@ -1,5 +1,5 @@
 # Base image for building
-ARG LITELLM_BUILD_IMAGE=cgr.dev/chainguard/wolfi-base@sha256:a5a619c1793039dcf92f02178f37c94bb3d6001403716da59d6092dfe8d9b502
+ARG LITELLM_BUILD_IMAGE=cgr.dev/chainguard/wolfi-base@sha256:52e71f61c6afd1f8d2625cff4465d8ecee156668ca665f7e9c582d1cc914eb6a
 
 # Runtime image
 ARG LITELLM_RUNTIME_IMAGE=cgr.dev/chainguard/wolfi-base@sha256:a5a619c1793039dcf92f02178f37c94bb3d6001403716da59d6092dfe8d9b502

docker-compose.override.yml

@@ -0,0 +1,17 @@
+services:
+  litellm:
+    image: ghcr.io/danielaskdd/litellm/litellm:main-stable
+    volumes:
+     - ./config.yaml:/app/config.yaml
+    command:
+     - "--config=/app/config.yaml"
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    restart: unless-stopped
+
+  db:
+    restart: unless-stopped
+
+  prometheus:
+    deploy:
+      replicas: 0

litellm/proxy/auth/litellm_license.py

@@ -31,7 +31,18 @@ def __init__(self) -> None:
         self._premium_check_logged = False
         self.public_key = None
         self.read_public_key()
-        self.airgapped_license_data: Optional["EnterpriseLicenseData"] = None
+
+        # 🔧 Modified for development: Permanent enterprise license data
+        from datetime import datetime, timedelta
+        from litellm.proxy._types import EnterpriseLicenseData
+
+        self.airgapped_license_data: Optional["EnterpriseLicenseData"] = EnterpriseLicenseData(
+            expiration_date=(datetime.now() + timedelta(days=36500)).strftime("%Y-%m-%d"),  # 100 years
+            user_id="dev_enterprise_user",
+            allowed_features=["all"],
+            max_users=100,      # User limit
+            max_teams=200      # Team limit
+        )
 
     def read_public_key(self):
         try:
@@ -96,42 +107,14 @@ def _verify(self, license_str: str) -> bool:
 
     def is_premium(self) -> bool:
         """
+        🔧 Modified for development: Always returns True to enable enterprise features
+
+        Original behavior:
         1. verify_license_without_api_request: checks if license was generate using private / public key pair
         2. _verify: checks if license is valid calling litellm API. This is the old way we were generating/validating license
         """
-        try:
-            if not self._premium_check_logged:
-                verbose_proxy_logger.debug(
-                    "litellm.proxy.auth.litellm_license.py::is_premium() - ENTERING 'IS_PREMIUM' - LiteLLM License={}".format(
-                        self.license_str
-                    )
-                )
-
-            if self.license_str is None:
-                self.license_str = os.getenv("LITELLM_LICENSE", None)
-
-            if not self._premium_check_logged:
-                verbose_proxy_logger.debug(
-                    "litellm.proxy.auth.litellm_license.py::is_premium() - Updated 'self.license_str' - {}".format(
-                        self.license_str
-                    )
-                )
-                self._premium_check_logged = True
-
-            if self.license_str is None:
-                return False
-            elif (
-                self.verify_license_without_api_request(
-                    public_key=self.public_key, license_key=self.license_str
-                )
-                is True
-            ):
-                return True
-            elif self._verify(license_str=self.license_str) is True:
-                return True
-            return False
-        except Exception:
-            return False
+        # 🔧 Development mode: Always return True
+        return True
 
     def is_over_limit(self, total_users: int) -> bool:
         """

litellm/proxy/common_utils/encrypt_decrypt_utils.py

@@ -1,19 +1,12 @@
 import base64
-import os
 from typing import Literal, Optional
 
 from litellm._logging import verbose_proxy_logger
+from litellm.proxy.common_utils.signing_key_utils import get_proxy_signing_key
 
 
 def _get_salt_key():
-    from litellm.proxy.proxy_server import master_key
-
-    salt_key = os.getenv("LITELLM_SALT_KEY", None)
-
-    if salt_key is None:
-        salt_key = master_key
-
-    return salt_key
+    return get_proxy_signing_key()
 
 
 def encrypt_value_helper(value: str, new_encryption_key: Optional[str] = None):

litellm/proxy/common_utils/reset_budget_job.py

@@ -632,28 +632,35 @@ async def reset_budget_windows(self) -> None:
 
         now = datetime.utcnow()
 
+        # Use query_raw to push the "budget_limits IS NOT NULL" filter to the DB
+        # and project only the two columns we need. The ORM path is blocked here:
+        # prisma-client-py rejects {"not": None} on Json? fields and has no
+        # select= kwarg, so a plain find_many() would scan both wide tables in
+        # full on every tick. Updates still go through the ORM below.
+
         # --- Keys ---
         try:
-            all_keys = await self.prisma_client.db.litellm_verificationtoken.find_many(
-                where={"budget_limits": {"not": None}}  # type: ignore[arg-type]
+            key_rows = await self.prisma_client.db.query_raw(
+                'SELECT token, budget_limits FROM "LiteLLM_VerificationToken" '
+                "WHERE budget_limits IS NOT NULL"
             )
-            for key in all_keys:
-                raw = key.budget_limits  # type: ignore[attr-defined]
+            for key in key_rows or []:
+                raw = key["budget_limits"]
                 if not raw:
                     continue
                 windows: list = raw if isinstance(raw, list) else json.loads(raw)
                 changed = False
                 for window in windows:
                     counter_key = (
-                        f"spend:key:{key.token}:window:{window['budget_duration']}"
+                        f"spend:key:{key['token']}:window:{window['budget_duration']}"
                     )
                     if await ResetBudgetJob._reset_expired_window(
                         window, counter_key, spend_counter_cache, now
                     ):
                         changed = True
                 if changed:
                     await self.prisma_client.db.litellm_verificationtoken.update(
-                        where={"token": key.token},
+                        where={"token": key["token"]},
                         data={"budget_limits": json.dumps(windows)},  # type: ignore[arg-type]
                     )
         except Exception as e:
@@ -663,26 +670,27 @@ async def reset_budget_windows(self) -> None:
 
         # --- Teams ---
         try:
-            all_teams = await self.prisma_client.db.litellm_teamtable.find_many(
-                where={"budget_limits": {"not": None}}  # type: ignore[arg-type]
+            team_rows = await self.prisma_client.db.query_raw(
+                'SELECT team_id, budget_limits FROM "LiteLLM_TeamTable" '
+                "WHERE budget_limits IS NOT NULL"
             )
-            for team in all_teams:
-                raw = team.budget_limits  # type: ignore[attr-defined]
+            for team in team_rows or []:
+                raw = team["budget_limits"]
                 if not raw:
                     continue
                 windows = raw if isinstance(raw, list) else json.loads(raw)
                 changed = False
                 for window in windows:
                     counter_key = (
-                        f"spend:team:{team.team_id}:window:{window['budget_duration']}"
+                        f"spend:team:{team['team_id']}:window:{window['budget_duration']}"
                     )
                     if await ResetBudgetJob._reset_expired_window(
                         window, counter_key, spend_counter_cache, now
                     ):
                         changed = True
                 if changed:
                     await self.prisma_client.db.litellm_teamtable.update(
-                        where={"team_id": team.team_id},
+                        where={"team_id": team["team_id"]},
                         data={"budget_limits": json.dumps(windows)},  # type: ignore[arg-type]
                     )
         except Exception as e:

litellm/proxy/common_utils/signing_key_utils.py

@@ -0,0 +1,17 @@
+import os
+import sys
+from typing import Optional
+
+
+def get_proxy_signing_key() -> Optional[str]:
+    salt_key = os.getenv("LITELLM_SALT_KEY")
+    if salt_key is not None:
+        return salt_key
+
+    proxy_server_module = sys.modules.get("litellm.proxy.proxy_server")
+    if proxy_server_module is not None:
+        proxy_master_key = getattr(proxy_server_module, "master_key", None)
+        if isinstance(proxy_master_key, str):
+            return proxy_master_key
+
+    return os.getenv("LITELLM_MASTER_KEY")