fix: bump litellm to 1.84.0 to resolve python-dotenv install conflict (#342)

litellm 1.83.7 hard-pins python-dotenv==1.0.1, which conflicts with
python-dotenv==1.2.2 in requirements.txt and makes a fresh install fail
(ResolutionImpossible under both pip 25.2 and uv). Downgrading dotenv to
1.0.1 is not an option: python-dotenv < 1.2.2 is affected by
GHSA-mf9w-mj56-hr94 (moderate).

litellm 1.84.0 relaxed its pin to python-dotenv<2.0,>=1.0.0, allowing the
patched python-dotenv==1.2.2 to remain. Full requirements.txt resolves
cleanly under both pip and uv.

Closes #286
This commit is contained in:
Kylin 2026-07-03 16:40:28 +08:00 committed by GitHub
parent 2cf46689f9
commit 27f01e9e7d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -1,4 +1,4 @@
litellm==1.83.7
litellm==1.84.0
# openai-agents # optional: required for examples/agentic_vectorless_rag_demo.py
pymupdf==1.26.4
PyPDF2==3.0.1