WhatA minimal, auditable LLM API proxy that unifies provider interfaces (OpenAI, Anthropic, etc.) in under 1,000 lines of code with zero unnecessary dependencies.
SignalMultiple commenters expressed that they use litellm only as a lightweight wrapper to normalize LLM API calls and are now looking to move away entirely — the core need is simple API translation, but litellm has grown into a bloated, risky dependency for what should be a trivial function.
Why NowThe litellm compromise is a forcing function — thousands of developers are actively seeking alternatives right now, and the fragmentation of LLM providers (OpenAI, Anthropic, Google, Mistral, local models) means the translation layer need is only growing.
MarketEvery company building on multiple LLM providers; litellm has 20K+ GitHub stars and millions of monthly PyPI downloads; competitors like LiteLLM are now tainted, and alternatives like portkey.ai are heavier SaaS plays.
MoatMinimal codebase is itself the moat — fully auditable, few dependencies, and easy to vendor inline, making it the trust-default choice in a post-compromise world.
Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromisedView discussion ↗ · Article ↗ · 783 pts · March 24, 2026
More ideas from March 24, 2026
Apple-Native IT Management Platform for SMBsP6/10A third-party IT admin platform purpose-built to fill the gaps Apple Business will inevitably leave, offering deeper MDM, onboarding automation, and cross-platform bridging for Mac-first companies.
One-Click Employee Onboarding for Mac-First TeamsC6/10An automated onboarding orchestrator that provisions a new employee across Apple Business, Google Workspace, Slack, GitHub, and dozens of other SaaS tools in a single workflow — purpose-built for Mac-centric companies.
Migration Tool From Google Workspace to Apple BusinessC5/10A turnkey migration service and software that moves an entire company's email, calendar, contacts, files, and permissions from Google Workspace or Microsoft 365 to Apple Business with zero downtime.
Apple Business Localization Layer for Non-US MarketsC5/10A compliance and feature-bridging platform that extends Apple Business capabilities to international companies, handling region-specific email hosting, data residency, and regulatory requirements Apple doesn't yet support.
Real-Time Supply Chain Attack Detection for Package RegistriesP7/10A monitoring service that continuously analyzes new package releases on PyPI, npm, and other registries for malicious payloads, alerting maintainers and users within minutes of a compromise.
Hermetic Dependency Sandboxing for AI Dev EnvironmentsP7/10A sandboxed runtime layer that intercepts and isolates all dependency installs and executions in AI coding tools (Cursor, Copilot, Windsurf) so compromised packages cannot access the host system.