Bekbolatov · March 24, 2026 21:50
diff --git a/check_litellm.sh b/check_litellm.sh
 #!/usr/bin/env bash
 # check_litellm.sh — Scan for LiteLLM dependency (direct or transitive)
 # Usage: ./check_litellm.sh [directory_to_scan]
 #
 # Generated with Claude Opus 4.6 Extended:
 # Prompt: 
 # """ 
 # command to run to see if you have a dependency on LiteLLM  (since it was compromised)
 # Prepare one comprehensive simple solid runnable bash script -
 # """
 # 

 set -euo pipefail

 DIR="${1:-.}"
 FOUND=0

 red()   { printf "\033[1;31m%s\033[0m\n" "$*"; }
 green() { printf "\033[1;32m%s\033[0m\n" "$*"; }
 bold()  { printf "\033[1m%s\033[0m\n" "$*"; }

 bold "════════════════════════════════════════════"
 bold "  LiteLLM Dependency Check"
 bold "════════════════════════════════════════════"
 echo ""

 # ── 1. Python (pip) ──────────────────────────
 bold "[1/5] Checking pip..."
 if command -v pip &>/dev/null; then
    result=$(pip list 2>/dev/null | grep -i litellm || true)
    if [[ -n "$result" ]]; then
        red "  FOUND via pip:"
        echo "  $result"
        FOUND=1
    else
        green "  Not found in pip packages."
    fi

    # Check if anything depends on it
    deps=$(pip show litellm 2>/dev/null | grep -i "required-by" || true)
    if [[ -n "$deps" ]]; then
        echo "  $deps"
    fi
 else
    echo "  pip not available, skipping."
 fi

 # ── 2. Conda ─────────────────────────────────
 bold "[2/5] Checking conda..."
 if command -v conda &>/dev/null; then
    result=$(conda list 2>/dev/null | grep -i litellm || true)
    if [[ -n "$result" ]]; then
        red "  FOUND via conda:"
        echo "  $result"
        FOUND=1
    else
        green "  Not found in conda packages."
    fi
 else
    echo "  conda not available, skipping."
 fi

 # ── 3. Node (npm/yarn/pnpm) ──────────────────
 bold "[3/5] Checking node package managers..."
 for lockfile in package-lock.json yarn.lock pnpm-lock.yaml; do
    target="$DIR/$lockfile"
    if [[ -f "$target" ]]; then
        if grep -qi "litellm" "$target" 2>/dev/null; then
            red "  FOUND in $lockfile"
            FOUND=1
        else
            green "  Clean: $lockfile"
        fi
    fi
 done
 if command -v npm &>/dev/null; then
    result=$(npm ls --all 2>/dev/null | grep -i litellm || true)
    if [[ -n "$result" ]]; then
        red "  FOUND in npm dependency tree:"
        echo "  $result"
        FOUND=1
    fi
 fi

 # ── 4. Project/config files ──────────────────
 bold "[4/5] Scanning project files in: $DIR"
 file_patterns=(
    "requirements*.txt"
    "pyproject.toml"
    "setup.py"
    "setup.cfg"
    "poetry.lock"
    "Pipfile"
    "Pipfile.lock"
    "uv.lock"
    "conda.yaml"
    "environment.yml"
    "docker-compose*.yml"
    "Dockerfile*"
    "*.cfg"
 )
 hits=0
 for pattern in "${file_patterns[@]}"; do
    while IFS= read -r -d '' f; do
        if grep -qi "litellm" "$f" 2>/dev/null; then
            red "  FOUND in: $f"
            grep -ni "litellm" "$f" 2>/dev/null | sed 's/^/    /'
            FOUND=1
            ((hits++))
        fi
    done < <(find "$DIR" -maxdepth 4 -name "$pattern" -print0 2>/dev/null)
 done
 if [[ $hits -eq 0 ]]; then
    green "  No hits in config/lock files."
 fi

 # ── 5. Source code imports ───────────────────
 bold "[5/5] Scanning source code for imports/references..."
 hits=0
 while IFS= read -r -d '' f; do
    if grep -qi "litellm" "$f" 2>/dev/null; then
        red "  FOUND in: $f"
        grep -ni "litellm" "$f" 2>/dev/null | head -5 | sed 's/^/    /'
        FOUND=1
        ((hits++))
    fi
 done < <(find "$DIR" -maxdepth 6 \
    \( -name "*.py" -o -name "*.ts" -o -name "*.js" -o -name "*.yaml" -o -name "*.yml" -o -name "*.toml" -o -name "*.json" \) \
    ! -path "*/node_modules/*" ! -path "*/.venv/*" ! -path "*/venv/*" ! -path "*/__pycache__/*" ! -path "*/.git/*" \
    -print0 2>/dev/null)
 if [[ $hits -eq 0 ]]; then
    green "  No hits in source code."
 fi

 # ── Summary ──────────────────────────────────
 echo ""
 bold "════════════════════════════════════════════"
 if [[ $FOUND -eq 1 ]]; then
    red "  ⚠  LiteLLM dependency DETECTED"
    echo "  Review the matches above and check"
    echo "  installed versions against the"
    echo "  compromised release range."
 else
    green "  ✓  No LiteLLM dependency found"
 fi
 bold "════════════════════════════════════════════"

 exit $FOUND
	#!/usr/bin/env bash
	# check_litellm.sh — Scan for LiteLLM dependency (direct or transitive)
	# Usage: ./check_litellm.sh [directory_to_scan]
	#
	# Generated with Claude Opus 4.6 Extended:
	# Prompt:
	# """
	# command to run to see if you have a dependency on LiteLLM (since it was compromised)
	# Prepare one comprehensive simple solid runnable bash script -
	# """
	#

	set -euo pipefail

	DIR="${1:-.}"
	FOUND=0

	red() { printf "\033[1;31m%s\033[0m\n" "$*"; }
	green() { printf "\033[1;32m%s\033[0m\n" "$*"; }
	bold() { printf "\033[1m%s\033[0m\n" "$*"; }

	bold "════════════════════════════════════════════"
	bold " LiteLLM Dependency Check"
	bold "════════════════════════════════════════════"
	echo ""

	# ── 1. Python (pip) ──────────────────────────
	bold "[1/5] Checking pip..."
	if command -v pip &>/dev/null; then
	result=$(pip list 2>/dev/null \| grep -i litellm \|\| true)
	if [[ -n "$result" ]]; then
	red " FOUND via pip:"
	echo " $result"
	FOUND=1
	else
	green " Not found in pip packages."
	fi

	# Check if anything depends on it
	deps=$(pip show litellm 2>/dev/null \| grep -i "required-by" \|\| true)
	if [[ -n "$deps" ]]; then
	echo " $deps"
	fi
	else
	echo " pip not available, skipping."
	fi

	# ── 2. Conda ─────────────────────────────────
	bold "[2/5] Checking conda..."
	if command -v conda &>/dev/null; then
	result=$(conda list 2>/dev/null \| grep -i litellm \|\| true)
	if [[ -n "$result" ]]; then
	red " FOUND via conda:"
	echo " $result"
	FOUND=1
	else
	green " Not found in conda packages."
	fi
	else
	echo " conda not available, skipping."
	fi

	# ── 3. Node (npm/yarn/pnpm) ──────────────────
	bold "[3/5] Checking node package managers..."
	for lockfile in package-lock.json yarn.lock pnpm-lock.yaml; do
	target="$DIR/$lockfile"
	if [[ -f "$target" ]]; then
	if grep -qi "litellm" "$target" 2>/dev/null; then
	red " FOUND in $lockfile"
	FOUND=1
	else
	green " Clean: $lockfile"
	fi
	fi
	done
	if command -v npm &>/dev/null; then
	result=$(npm ls --all 2>/dev/null \| grep -i litellm \|\| true)
	if [[ -n "$result" ]]; then
	red " FOUND in npm dependency tree:"
	echo " $result"
	FOUND=1
	fi
	fi

	# ── 4. Project/config files ──────────────────
	bold "[4/5] Scanning project files in: $DIR"
	file_patterns=(
	"requirements*.txt"
	"pyproject.toml"
	"setup.py"
	"setup.cfg"
	"poetry.lock"
	"Pipfile"
	"Pipfile.lock"
	"uv.lock"
	"conda.yaml"
	"environment.yml"
	"docker-compose*.yml"
	"Dockerfile*"
	"*.cfg"
	)
	hits=0
	for pattern in "${file_patterns[@]}"; do
	while IFS= read -r -d '' f; do
	if grep -qi "litellm" "$f" 2>/dev/null; then
	red " FOUND in: $f"
	grep -ni "litellm" "$f" 2>/dev/null \| sed 's/^/ /'
	FOUND=1
	((hits++))
	fi
	done < <(find "$DIR" -maxdepth 4 -name "$pattern" -print0 2>/dev/null)
	done
	if [[ $hits -eq 0 ]]; then
	green " No hits in config/lock files."
	fi

	# ── 5. Source code imports ───────────────────
	bold "[5/5] Scanning source code for imports/references..."
	hits=0
	while IFS= read -r -d '' f; do
	if grep -qi "litellm" "$f" 2>/dev/null; then
	red " FOUND in: $f"
	grep -ni "litellm" "$f" 2>/dev/null \| head -5 \| sed 's/^/ /'
	FOUND=1
	((hits++))
	fi
	done < <(find "$DIR" -maxdepth 6 \
	\( -name ".py" -o -name ".ts" -o -name ".js" -o -name ".yaml" -o -name ".yml" -o -name ".toml" -o -name "*.json" \) \
	! -path "/node_modules/" ! -path "/.venv/" ! -path "/venv/" ! -path "/__pycache__/" ! -path "/.git/" \
	-print0 2>/dev/null)
	if [[ $hits -eq 0 ]]; then
	green " No hits in source code."
	fi

	# ── Summary ──────────────────────────────────
	echo ""
	bold "════════════════════════════════════════════"
	if [[ $FOUND -eq 1 ]]; then
	red " ⚠ LiteLLM dependency DETECTED"
	echo " Review the matches above and check"
	echo " installed versions against the"
	echo " compromised release range."
	else
	green " ✓ No LiteLLM dependency found"
	fi
	bold "════════════════════════════════════════════"

	exit $FOUND
No results found