Avoid LiteLLM upgrade to compromised releases #4886
Description
Currently uv.lock includes litellm==1.82.1.
Since LiteLLM recently reported compromised releases 1.82.7 and 1.82.8, it may be worth avoiding any LiteLLM upgrade for now and adding an explicit guard against those versions if relevant.
It may be useful to:
- avoid upgrading LiteLLM until the package situation is fully stable
- add an explicit version exclusion for the affected releases, if relevant
- confirm that no install path in this repo can pick up those versions unintentionally
Raising this mainly as a preventive dependency safety check.