Tokentoll

v0.6.0 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 1mo Model Serving & MLOps

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

anthropic cost-optimization devtools github-action llm mlops

+3 more

openai python static-analysis

Summary

AI summary

Adds Zhipu AI / GLM detection and restores OpenAI/Anthropic constructor-call fallback.

Full changelog

New: Zhipu AI / GLM detection

New ZhipuDetector for the zai SDK (ZhipuAiClient) and the legacy zhipuai SDK (ZhipuAI).
Detects chat.completions.create, embeddings.create, and images.generations.
Per-SDK default zai/glm-4.6 for dynamic call sites.
Pricing resolves automatically against the bundled LiteLLM data (GLM-4.5 / 4.6 / 4.7 / 5 supported).

Coverage: constructor-call fallback for OpenAI / Anthropic

v0.5.2 removed the loose source-string fallback in can_handle to fix the Zhipu false-positive, but that also lost legitimate detections in DI-style code (a helper module that builds the client without a visible import). v0.6.0 puts those detections back via a positive signal: the file constructs OpenAI(), AsyncOpenAI(), AzureOpenAI(), AsyncAzureOpenAI(), or Anthropic() / AsyncAnthropic() somewhere. Zhipu stays correctly excluded because it doesn't construct those classes.

Upgrading

- uses: Jwrede/[email protected]

pip install --upgrade tokentoll

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Tokentoll

Get notified when new releases ship.

About Tokentoll

All releases →

Tokentoll

Summary

New: Zhipu AI / GLM detection

Coverage: constructor-call fallback for OpenAI / Anthropic

Upgrading

Related context

Related tools