ypollak2/llm-router

v5.3.0 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 1mo LLM Frameworks

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 2 known CVEs

Topics

ai-routing anthropic claude claude-code cost-optimization gemini

+7 more

litellm llm llm-router mcp-server model-router ollama openai

Affected surfaces

auth breaking_upgrade

Summary

AI summary

TOCTOU budget enforcement prevents concurrent calls from slipping under spend limits.

Full changelog

What's new

Bug Fixes

TOCTOU budget enforcement — concurrent calls can no longer both slip under daily/monthly spend limits; provisional _pending_spend reservation is held inside _budget_lock until the call completes
Claude quota staleness guard — usage.json older than 24h now returns pressure=0.5 instead of 0.0, preventing unlimited routing when the session hook is absent (LLM_ROUTER_STALE_PRESSURE_FLOOR to tune)
Event-loop blocking read — _claude_subscription_state() now uses asyncio.to_thread() for filesystem access
File handle leak — auto-route.py hook now uses Path.read_text() instead of bare open()
Duplicate models in chain — Ollama/Codex injection no longer re-adds models already in the static chain

Added

Correlation ID tracing — every routed call gets a uuid4().hex[:8] ID written to both usage and routing_decisions tables for log↔DB joins
DB query indices — four new indices on high-cardinality columns for dashboard and analytics queries
Dashboard token auth — aiohttp middleware validates X-Dashboard-Token on all API routes

Refactor

route_and_call() reduced from ~960 to ~527 lines via _resolve_profile() and _build_and_filter_chain() extractions

Upgrade

pip install --upgrade claude-code-llm-router && llm-router install

Security Fixes

Claude quota staleness guard now returns pressure=0.5 when usage.json >24h old (configurable via LLM_ROUTER_STALE_PRESSURE_FLOOR)
Event‑loop blocking read offloaded to asyncio.to_thread() in _claude_subscription_state()

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track ypollak2/llm-router

Get notified when new releases ship.

About ypollak2/llm-router

Subscription-aware LLM router for Claude Code. Routes tasks to 20+ providers (OpenAI, Gemini, Groq, Ollama, Codex) based on complexity classification, Claude subscription pressure, and cost. Free tasks stay on Claude subscription; expensive tasks fall back to the cheapest capable model. Includes 30 MCP tools, 6 auto-routing hooks, semantic dedup cache, prompt caching, daily spend cap, and a live web dashboard.

All releases →

Related context

Related tools

Earlier breaking changes

v9.2.0 Changes auto‑route directive from advisory "DO NOT SKIP" to hard constraint with explicit blocked tools list.
v9.2.0 Breaks permanent downgrade of enforcement after first Edit/Write; v13 now requires per‑turn routing.