Patch LiteLLM security pins

Upgrade LiteLLM to 1.88.1 so Agent Zero is above the CVE-2026-42271 patched floor, and move the OpenAI SDK pin to 2.41.1 to satisfy LiteLLM's new dependency range.

Pin Starlette to the patched 1.0.1 release for the Host-header request.url.path advisory.

Fold requirements2.txt back into requirements.txt now that browser-use is no longer part of the repo dependency set, and update installer and setup docs to use a single requirements file.
This commit is contained in:
Alessandro 2026-06-11 03:47:58 +02:00
parent b04443be1a
commit b3b5e44cc3
5 changed files with 4 additions and 10 deletions

View file

@ -36,8 +36,6 @@ fi
# Install remaining A0 python packages
uv pip install -r /git/agent-zero/requirements.txt
# override for packages that have unnecessarily strict dependencies
uv pip install -r /git/agent-zero/requirements2.txt
# install playwright
bash /ins/install_playwright.sh "$@"