Spaces:

elmerzole
/

llm-api-proxy

Paused

Mirrowel committed on Jul 10, 2025

Commit

3981e3a

1 Parent(s): 62ed41b

feat(logging): sanitize Litellm logs even more

This change enhances the `_sanitize_litellm_log` function so that it more thoroughly removes sensitive and large data fields from LiteLLM log dictionaries.

- Implements a recursive cleaning mechanism to handle deeply nested log structures.
- Expands the list of keys to remove, including `api_key`, `api_base`, `original_response`, and `additional_args`.
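- Prevents mutation of the original log object by sanitizing a deep copy, created via a JSON round-trip (`json.loads(json.dumps(log_data, default=str))`); as a result, values that are not JSON-serializable are converted to strings in the sanitized copy.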
- Improves log cleanliness and security by ensuring all relevant sensitive information is scrubbed.

Files changed (1) hide show

src/rotator_library/client.py +30 -12

src/rotator_library/client.py CHANGED Viewed

@@ -64,25 +64,43 @@ class RotatingClient:
     def _sanitize_litellm_log(self, log_data: dict) -> dict:
         """
-        Removes large data fields from litellm log dictionaries to keep debug logs clean.
         """
         if not isinstance(log_data, dict):
             return log_data
-        clean_data = log_data.copy()
-        # These keys often contain the full request/response payload.
-        keys_to_pop = ["messages", "input", "response", "data"]
-        # The actual log data from litellm is often nested inside 'kwargs'
-        if 'kwargs' in clean_data and isinstance(clean_data['kwargs'], dict):
             for key in keys_to_pop:
-                clean_data['kwargs'].pop(key, None)
-        # Sometimes they are at the top level
-        for key in keys_to_pop:
-            clean_data.pop(key, None)
         return clean_data
     def _litellm_logger_callback(self, log_data: dict):

     def _sanitize_litellm_log(self, log_data: dict) -> dict:
         """
+        Recursively removes large data fields and sensitive information from litellm log
+        dictionaries to keep debug logs clean and secure.
         """
         if not isinstance(log_data, dict):
             return log_data
+        # Keys to remove at any level of the dictionary
+        keys_to_pop = [
+            "messages", "input", "response", "data", "api_key",
+            "api_base", "original_response", "additional_args"
+        ]
+        # Keys that might contain nested dictionaries to clean
+        nested_keys = ["kwargs", "litellm_params", "model_info", "proxy_server_request"]
+        # Create a deep copy to avoid modifying the original log object in memory
+        clean_data = json.loads(json.dumps(log_data, default=str))
+        def clean_recursively(data_dict):
+            if not isinstance(data_dict, dict):
+                return
+            # Remove sensitive/large keys
             for key in keys_to_pop:
+                data_dict.pop(key, None)
+            # Recursively clean nested dictionaries
+            for key in nested_keys:
+                if key in data_dict and isinstance(data_dict[key], dict):
+                    clean_recursively(data_dict[key])
+            # Also iterate through all values to find any other nested dicts
+            for key, value in list(data_dict.items()):
+                if isinstance(value, dict):
+                    clean_recursively(value)
+        clean_recursively(clean_data)
         return clean_data
     def _litellm_logger_callback(self, log_data: dict):