chore(deps-dev): Bump strict-kwargs from 2026.5.18.post1 to 2026.5.18.post3

[dependabot]

Bumps strict-kwargs from 2026.5.18.post1 to 2026.5.18.post3.

Release notes

Sourced from strict-kwargs's releases.

Release 2026.5.18-post.3

2026.5.18-post.3 (2026-05-18)

Features

• colorize fix --diff output on TTY terminals (#77) (6120523)

Bug Fixes

• a non-UTF-8 file no longer aborts the run or masks violations (#53) (#61) (f699aeb), closes #59
• avoid double-visiting elif test expressions; drop cargo test from pre-push (#79) (4b6e5bd), closes #76
• bound expression nesting so deep files fail gracefully (#54) (#62) (eeade9b)
• handle unbound calls through dotted module paths in the fixer (#66) (f665b12)
• skip @​singledispatch / @​singledispatchmethod functions (#73) (81a6568)
• skip calls through function parameters to prevent false positives (issue #71) (#74) (5015d81)
• use jq to build dispatch payload so client_payload is an object (#78) (99c1199)

Performance Improvements

• parallelize the per-file built-in pass (issue #46) (#70) (693cc6c), closes #56
• pipeline the built-in pass and ty phase for cross-file overlap (#67) (#75) (a6aa06e), closes #53 #46

Continuous Integration

• cache Rust builds, drop duplicate compiles, cancel stale runs (#65) (36bfe2d)

Documentation

• restructure README — add comparison note (#64) (b39cd80), closes #61

Release 2026.5.18-post.2

2026.5.18-post.2 (2026-05-18)

Bug Fixes

• a non-UTF-8 file no longer aborts the run or masks violations (#53) (#61) (f699aeb), closes #59
• bound expression nesting so deep files fail gracefully (#54) (#62) (eeade9b)
• handle unbound calls through dotted module paths in the fixer (#66) (f665b12)
• skip @​singledispatch / @​singledispatchmethod functions (#73) (81a6568)
• skip calls through function parameters to prevent false positives (issue #71) (#74) (5015d81)

Performance Improvements

... (truncated)

Changelog

Sourced from strict-kwargs's changelog.

Changelog

Next

2026.5.18-post.3

2026.5.18-post.2

2026.5.18-post.1

• Whole-project and directory runs are faster (issue #46). The per-file built-in pass (read, parse, AST walk) now runs in parallel across files instead of sequentially — on a multicore machine it is the bulk of whole-project runtime once ignored directories are pruned. The ty fallback still runs serially against a single shared server, and output is byte-identical and deterministic regardless of how the work is scheduled.

• A deeply nested file no longer crashes the process with a stack overflow (issue #54). f(f(f(…f(1)…))) thousands of levels deep — machine-generated code, a huge data literal, or hostile input — used to abort the whole run with SIGABRT (exit 134), taking every other file in a directory or pre-commit run down with it; the vendored Ruff parser fork enforces no recursion limit. The analysis now runs on a large dedicated stack so legitimate deep nesting is handled identically across platforms and build profiles (rather than depending on the host's default stack), and a file nested deeper than the supported limit is rejected up front with a clear expression nesting too deep message and exit code 2 instead of crashing.

• Operational errors are no longer silently swallowed (issue #55). Previously a mistyped path made the run report "clean" (exit 0), a malformed or wrong-typed [tool.strict_kwargs] was ignored and the run proceeded with defaults, and an invalid --python silently disabled the explicit environment — each a false pass or a silent downgrade in exactly the automated contexts this tool targets. Now: a path that does not exist is a hard error (exit 2), like ruff, instead of being skipped (an existing non-Python file passed directly is still a deliberate selection and is skipped); a pyproject.toml that exists but cannot be read or parsed, or whose [tool.strict_kwargs] has the wrong shape or value types (e.g. ignore_names not a list), is a hard error (exit 2) rather than a silent fall back to defaults — a missing pyproject.toml or one

... (truncated)

Commits

• 0e4f7b2 Bump CHANGELOG and version for release
• 4b6e5bd fix: avoid double-visiting elif test expressions; drop cargo test from pre-pu...
• 99c1199 fix: use jq to build dispatch payload so client_payload is an object (#78)
• 6120523 feat: colorize fix --diff output on TTY terminals (#77)
• 3a35838 Bump CHANGELOG and version for release
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)