pyinfra's v3.8.0 release marks a strategic pivot to full semver, clarifying versioning for developers. This update includes critical security fixes, such as quoted untrusted values in command construction to mitigate injection risks, and expanded Docker operations like compose and build commands. The semantic versioning shift ensures clearer tracking of stability and features, a boon for teams relying on predictable tooling.

The release delivers granular technical improvements across systems management. Notable changes include semicolon support in TmpDir shell scripts for compatibility, modernized apt.key handling to replace deprecated commands, and uv framework integration. Docker enhancements add login/logout and compose operations, while file operations now support download bandwidth limiting. These updates refine cross-platform reliability, particularly for Linux and BSD environments. Security-focused refinements, like SSH IdentityAgent support and ZFS command guards, address modern infrastructure challenges.

Key additions reflect practical developer needs. The introduction of AI coding agent support and PR review skills aim to streamline workflows. Docker's new compose operation simplifies container management, while expanded facts like authorized SSH keys and cron tab parsing improve automation accuracy. The semantic versioning move, combined with these targeted fixes, positions pyinfra as a more robust tool for configuration management. The update’s focus on backward compatibility and modern tooling integration ensures it remains relevant for both legacy and cutting-edge systems.