Patch LiteLLM security pins

Upgrade LiteLLM to 1.88.1 so Agent Zero is above the CVE-2026-42271 patched floor, and move the OpenAI SDK pin to 2.41.1 to satisfy LiteLLM's new dependency range.

Pin Starlette to the patched 1.0.1 release for the Host-header request.url.path advisory.

Fold requirements2.txt back into requirements.txt now that browser-use is no longer part of the repo dependency set, and update installer and setup docs to use a single requirements file.
This commit is contained in:
Alessandro 2026-06-11 03:47:58 +02:00
parent b04443be1a
commit b3b5e44cc3
5 changed files with 4 additions and 10 deletions

View file

@ -41,7 +41,6 @@ Primary Language(s): Python, JavaScript (ES Modules)
Do not combine these commands; run them individually:
```bash
pip install -r requirements.txt
pip install -r requirements2.txt
```
- Start WebUI: python run_ui.py
@ -241,7 +240,6 @@ If pip install fails, try running in a clean virtual environment:
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
pip install -r requirements2.txt
```
### WebSocket Connection Failures