ypollak2/llm-router

v9.2.0 Breaking

This release includes 2 breaking changes for platform teams planning a safe upgrade.

Published 8d LLM Frameworks

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-routing anthropic claude claude-code cost-optimization gemini

+7 more

litellm llm llm-router mcp-server model-router ollama openai

Affected surfaces

auth rbac

ReleasePort's take

Moderate signal

editorial:auto 8d

v9.2.0 introduces new statusline metrics and enforcement modes while fixing several bugs, but also changes routing behavior that may affect existing configurations.

Why it matters: Breaking change: permanent downgrade of enforcement is removed; v13 now requires per‑turn routing (severity 70). Bugfixes address stdin hangs and provider omission. Feature additions include usage metrics hook and auto‑pivot safety valve.

Summary

AI summary

Smart enforcement mode v13 blocks all native tools until an llm_* routing tool is called, with session‑scoped read allowances and a safety auto‑pivot after four blocked calls.

Changes in this release

Type	Severity	Summary	CVE
Breaking	High	Breaks permanent downgrade of enforcement after first Edit/Write; v13 now requires per‑turn routing. Breaks permanent downgrade of enforcement after first Edit/Write; v13 now requires per‑turn routing. Source: llm_adapter@2026-05-26 Confidence: high	—
Breaking	Medium	Changes auto‑route directive from advisory "DO NOT SKIP" to hard constraint with explicit blocked tools list. Changes auto‑route directive from advisory "DO NOT SKIP" to hard constraint with explicit blocked tools list. Source: llm_adapter@2026-05-26 Confidence: high	—
Feature
Feature	Medium	Adds statusline-command.sh hook showing Claude Code usage metrics in status bar. Adds statusline-command.sh hook showing Claude Code usage metrics in status bar. Source: llm_adapter@2026-05-26 Confidence: high	—
Feature	Medium	Adds smart enforcement mode v13 blocking native tools until llm_* routing tool is called. Adds smart enforcement mode v13 blocking native tools until llm_* routing tool is called. Source: llm_adapter@2026-05-26 Confidence: high	—
Feature	Medium	Adds 4‑violation auto‑pivot safety valve to prevent permanent deadlocks. Adds 4‑violation auto‑pivot safety valve to prevent permanent deadlocks. Source: llm_adapter@2026-05-26 Confidence: low	—
Feature	Low	Implements 4‑violation auto‑pivot safety valve to allow all tools after four blocked calls in a turn. Implements 4‑violation auto‑pivot safety valve to allow all tools after four blocked calls in a turn. Source: granite4.1:30b@2026-05-26-audit Confidence: high	—
Bugfix	Medium	Fixes Gemini CLI provider omission from _FREE_PROVIDERS causing zero savings tracking. Fixes Gemini CLI provider omission from _FREE_PROVIDERS causing zero savings tracking. Source: llm_adapter@2026-05-26 Confidence: high	—
Bugfix	Medium	Fixes statusline stdin hang by consuming input to prevent pipe blocking. Fixes statusline stdin hang by consuming input to prevent pipe blocking. Source: llm_adapter@2026-05-26 Confidence: high	—
Refactor	Low	Updates enforcement test suite for v13 behavior using unique session IDs per tool iteration. Updates enforcement test suite for v13 behavior using unique session IDs per tool iteration. Source: granite4.1:30b@2026-05-26-audit Confidence: high	—

Full changelog

What's New

Added

Statusline for Claude Code — new statusline-command.sh hook shows CC usage %, daily savings, and enforce mode directly in the Claude Code status bar. Installed automatically via llm-router install.
Smart enforcement mode (v13) — enforce-route.py v13 blocks ALL native tools until an llm_* routing tool is called. Smart mode allows reads for code tasks but blocks them for Q&A. Hard mode blocks everything.
4-violation auto-pivot — safety valve prevents permanent deadlocks: after 4 blocked tool calls in one turn, enforcement allows all tools through.

Fixed

Gemini CLI savings tracking — gemini_cli provider was missing from _FREE_PROVIDERS across 12+ files, causing $0.00 savings for all Gemini CLI routed calls.
Statusline stdin hang — Claude Code pipes session JSON to statusline commands via stdin. Script now consumes stdin to prevent pipe blocking and timeout.
Coding session bypass removed (v13) — v12 permanently downgraded enforcement after the first Edit/Write. v13 requires routing per-turn.

Changed

Auto-route directive — changed from advisory "DO NOT SKIP" to "HARD CONSTRAINT" with explicit blocked tools list.
Enforcement test suite — updated for v13 behavior with unique session IDs per tool iteration.

Upgrade

pip install --upgrade llm-routing
# Then reinstall hooks:
llm-router install --force

Breaking Changes

Coding session bypass removed in v13 – routing must occur per‑turn instead of permanent downgrade after the first Edit/Write.
Auto-route directive changed from advisory "DO NOT SKIP" to hard constraint with explicit blocked tools list.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track ypollak2/llm-router

Get notified when new releases ship.

About ypollak2/llm-router

Subscription-aware LLM router for Claude Code. Routes tasks to 20+ providers (OpenAI, Gemini, Groq, Ollama, Codex) based on complexity classification, Claude subscription pressure, and cost. Free tasks stay on Claude subscription; expensive tasks fall back to the cheapest capable model. Includes 30 MCP tools, 6 auto-routing hooks, semantic dedup cache, prompt caching, daily spend cap, and a live web dashboard.

All releases →