chore(deps): Update litellm requirement from >=1.86.2 to >=1.88.0

[dependabot]

Updates the requirements on litellm to permit the latest version.

Release notes

Sourced from litellm's releases.

v1.88.0

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.88.0

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.88.0/cosign.pub \
  ghcr.io/berriai/litellm:v1.88.0

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

---

What's Changed

• fix(proxy): gate team allowed_passthrough_routes to proxy admins by @​ryan-crabbe-berri in BerriAI/litellm#28097
• fix(tests): stabilize image-edit VCR cassettes to stop live gpt-image-1 spend by @​mateo-berri in BerriAI/litellm#28110
• fix(bedrock/cohere): send embedding_types as JSON array, not string by @​ishaan-berri in BerriAI/litellm#28172
• fix(tests): migrate realtime + rerank tests off shut-down upstream models by @​yuneng-berri in BerriAI/litellm#28191
• fix(caching): replay openai/responses bridge cache hits as chat streams by @​Sameerlite in BerriAI/litellm#28158
• Litellm oss staging by @​Sameerlite in BerriAI/litellm#28161
• feat(prometheus): add user_email and user_alias to user budget metrics by @​Sameerlite in BerriAI/litellm#28155
• test(callbacks): harden flaky proxy callback-leak detector by @​yuneng-berri in BerriAI/litellm#28195
• fix(bedrock): sanitize batch metadata to prevent Pydantic ValidationError by @​mateo-berri in BerriAI/litellm#28202
• fix(deepseek): use native /anthropic/v1/messages endpoint and sanitize tools by @​mateo-berri in BerriAI/litellm#28200
• feat(ui): add Interactions API endpoint to playground with SSE streaming by @​Sameerlite in BerriAI/litellm#28156
• fix(proxy): decode bytes and pass-through SSE for Google-native streamGenerateContent (#27444) by @​Sameerlite in BerriAI/litellm#28213
• refactor(bedrock/sagemaker): switch to lazy loading for response stre… by @​harish-berri in BerriAI/litellm#28189
• [Refactor] UI - Spend Logs: consolidate filter state and extract components by @​ryan-crabbe-berri in BerriAI/litellm#25847
• fix(tests): replace shut-down gpt-4o-audio-preview with gpt-audio-1.5 by @​yuneng-berri in BerriAI/litellm#28281

... (truncated)

Commits

• bde16ff test(proxy): patch utils.get_server_root_path in passthrough auth tests
• 3d00874 fix(proxy): match passthrough registry routes bare-to-bare with SERVER_ROOT_PATH
• 67428bd Merge pull request #29639 from BerriAI/litellm_ghsa_q775_defaults_rc188
• c5d214c fix(key_generate): harden GHSA-q775 session-token exemption against default_k...
• c2a0a6a Merge pull request #29637 from BerriAI/litellm_cherrypick_1_88_0_rc3
• 26e9689 fix(key_generate): exempt UI/CLI session tokens from the budget ceiling for t...
• 0aea62b Merge pull request #29632 from BerriAI/litellm_cherrypick_1_88_0_rc2
• ed04563 fix: passthrough endpoints duplicate logs (#29598)
• 2110b41 fix(vertex): strip output_config.effort for Vertex Claude models that reject ...
• 8373712 fix(key_generate): allow team members to create keys on org-scoped teams (#29...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)