andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-04-30 23:02:50 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

fix: bump litellm to ~=1.83.0 and openai to ~=2.30.0

Browse Source 
litellm 1.83.0 fixes CVE-2026-35029 (proxy config privilege escalation)
and CVE-2026-35030 (proxy JWT auth bypass), and is the first release
after the supply chain incident. Bump openai to 2.x to satisfy litellm's
dependency.
This commit is contained in:
Greyson LaLonde
2026-04-04 22:04:16 +08:00
parent c4bbb039da
commit 70fc701941
3 changed files with 75 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/devtools/pyproject.toml
View File

@@ -12,7 +12,7 @@ private = true
dependencies = [
"click~=8.1.7",
"toml~=0.10.2",
"openai~=1.83.0",
"openai~=2.30.0",
"python-dotenv~=1.1.1",
"pygithub~=1.59.1",
"rich>=13.9.4",