fix: pin litellm <1.82.7 due to security vulnerability #195

Open
danielmillerp wants to merge 1 commit into main from dm/pin-litellm-below-1.82.7

@danielmillerp (Collaborator) commented Apr 9, 2026

Summary

  • Pins litellm to <1.82.7 (was <2) to address a security vulnerability flagged by Rishabh Shah
  • Currently resolved version is 1.77.5, well under the cap — no functional change

Test plan

  • uv lock resolves successfully
  • CI passes

🤖 Generated with Claude Code

Greptile Summary

This PR pins litellm to <1.82.7 in agentex/pyproject.toml to protect against the supply-chain compromise in versions 1.82.7 and 1.82.8, which were published with credential-stealing malware to PyPI on March 24, 2026 (both since removed). The currently resolved version (1.77.5) is unaffected and there is no functional change.

Confidence Score: 5/5

Safe to merge — targeted security pin with no functional change and a clean resolved version.

The only finding is a P2 suggestion to use != specifiers instead of a hard upper bound, which is a future-proofing concern rather than a current defect. The resolved version (1.77.5) is unaffected by the supply-chain compromise, and both compromised versions have been removed from PyPI.

No files require special attention.

Vulnerabilities

  • This PR directly addresses a supply chain compromise (GHSA-5mg7-485q-xm76): litellm 1.82.7 and 1.82.8 contained credential-stealing malware targeting SSH keys, cloud credentials, environment variables, and Kubernetes secrets. Both versions have been removed from PyPI.
  • The upper bound <1.82.7 prevents resolving to 1.82.7 but does not explicitly exclude 1.82.8 by version specifier; however, since 1.82.8 is also removed from PyPI, uv cannot resolve to it in practice.
  • The resolved version (1.77.5) is clean and pre-dates the compromise.

Important Files Changed

| Filename | Overview |
|---|---|
| agentex/pyproject.toml | Pins litellm to >=1.48.2,<1.82.7 to block the supply-chain-compromised versions 1.82.7/1.82.8; constraint is correct and the resolved version (1.77.5) is safe. |
| uv.lock | Lock file updated to reflect new litellm specifier; resolves to 1.77.5, which is unaffected by the supply-chain compromise. |

Flowchart

```mermaid
%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["uv lock resolution"] --> B{"litellm version\navailable on PyPI?"}
    B -->|"1.82.7 / 1.82.8\n(removed from PyPI)"| C["❌ Cannot resolve\n(removed)"]
    B -->|"1.77.5\n(satisfies >=1.48.2,<1.82.7)"| D["✅ Resolves to 1.77.5\n(safe)"]
    D --> E["Build / Deploy"]
    C --> F["Resolution failure\n(protected)"]

    style C fill:#ffcccc
    style D fill:#ccffcc
    style F fill:#ffcccc
```

Prompt To Fix All With AI
This is a comment left during a code review.
Path: agentex/pyproject.toml
Line: 10

Comment:
**Upper bound blocks future clean releases**

The constraint `<1.82.7` will also prevent upgrading to any clean litellm release above 1.82.6 (e.g. a future 1.83.x) without a manual constraint update. Since both compromised versions (1.82.7 and 1.82.8) have been removed from PyPI, using `!=1.82.7,!=1.82.8` instead would protect against cached/mirrored copies of those exact versions while still allowing clean future releases.

```suggestion
    "litellm>=1.48.2,!=1.82.7,!=1.82.8,<2",
```

How can I resolve this? If you propose a fix, please make it concise.

Reviews (1): Last reviewed commit: "fix: pin litellm <1.82.7 due to security..."

@danielmillerp requested a review from a team as a code owner April 9, 2026 16:04
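An added example (not code from this PR or from the agentex project): it evaluates the two specifiers discussed above against a few candidate versions and reads the pinned litellm version from a lock excerpt. The evaluator is a simplified stand-in for PEP 440 matching that handles final releases only; 1.82.6 and 1.83.0 are hypothetical probe versions, and the lock excerpt is constructed.

```python
import re

# Versions this page names as compromised (GHSA-5mg7-485q-xm76).
COMPROMISED = {"1.82.7", "1.82.8"}
# Probe versions: 1.82.6 and 1.83.0 are hypothetical, used only to test the bounds.
CANDIDATES = ["1.77.5", "1.82.6", "1.82.7", "1.82.8", "1.83.0"]
PR_SPEC = ">=1.48.2,<1.82.7"                     # constraint in this PR
SUGGESTED_SPEC = ">=1.48.2,!=1.82.7,!=1.82.8,<2"  # constraint from the review suggestion

OPS = {
    ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
    "==": lambda a, b: a == b, "!=": lambda a, b: a != b,
    "<": lambda a, b: a < b, ">": lambda a, b: a > b,
}

def release(version):
    """Parse a final release like '1.82.7' into a zero-padded tuple.
    Simplification: PEP 440 pre-, post- and dev-release rules are not handled."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def admits(spec, version):
    """True when every comma-separated clause of spec accepts version."""
    for clause in spec.split(","):
        m = re.fullmatch(r"\s*(>=|<=|==|!=|<|>)\s*(\d+(?:\.\d+)*)\s*", clause)
        if m is None:
            raise ValueError(f"unsupported clause: {clause!r}")
        if not OPS[m.group(1)](release(version), release(m.group(2))):
            return False
    return True

def admitted(spec, candidates=CANDIDATES):
    """List the candidate versions that spec would allow a resolver to pick."""
    return [v for v in candidates if admits(spec, v)]

def locked_version(lock_text, name):
    """Return the version pinned for name in uv.lock-style text, or None."""
    pattern = r'\[\[package\]\]\s*name = "%s"\s*version = "([^"]+)"' % re.escape(name)
    m = re.search(pattern, lock_text)
    return m.group(1) if m else None

# Constructed uv.lock excerpt (not copied from the repository).
SAMPLE_LOCK = '[[package]]\nname = "litellm"\nversion = "1.77.5"\n'

if __name__ == "__main__":
    for spec in (PR_SPEC, SUGGESTED_SPEC):
        print(f"{spec:32} admits {admitted(spec)}")
    pinned = locked_version(SAMPLE_LOCK, "litellm")
    print("locked litellm", pinned, "compromised" if pinned in COMPROMISED else "ok")
```

For real projects, the `packaging` library's `SpecifierSet` implements full PEP 440 matching and is the better tool than this reduced evaluator.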