MAINT: Bump cython from 0.29.22 to 0.29.23

[dependabot-preview]

Bumps cython from 0.29.22 to 0.29.23.

Changelog

Sourced from cython's changelog.

0.29.23 (2021-04-14)

Bugs fixed

• Some problems with Python 3.10 were resolved. Patches by Victor Stinner and David Woods. (Github issues #4046, #4100)
• An incorrect "optimisation" was removed that allowed changes to a keyword dict to leak into keyword arguments passed into a function. Patch by Peng Weikang. (Github issue #3227)
• Multiplied str constants could end up as bytes constants with language_level=2. Patch by Alphadelta14 and David Woods. (Github issue #3951)
• PY_SSIZE_T_CLEAN does not get defined any more if it is already defined. Patch by Andrew Jones. (Github issue #4104)

Commits

• 1767078 Fix embed test in Py2.6.
• 05be94a Try to resolve apt install issues on travis.
• e3ee22d Remove "PYTHONHOME" setting from embed-test since it seems to break the I/O e...
• d715643 Make embed test more debuggable by printing the path setup and the build outp...
• b6077b2 Update changelog.
• 7c0585e Summarize test failures when running in shards.
• 315c20e Only #define PY_SSIZE_T_CLEAN if it is not already #defined
• c0d5282 Test runner statistics: show the most time intensive test steps (compilatio/r...
• dd7fd78 Work around a test failure in Py3.10.
• 66690e7 Fix string constant folding with language_level=2 (GH-4083)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[mattip]

Do we care that test_requirements.txt (which pins to a specific version, in this PR updated to exactly 0.29.23) is slightly different than pyprject.toml (which wants cython>=0.29.21,<3.0)? It seems in CI and in tox.ini we use the test_requirements.txt, maybe we should move away from that and prefer pyroject.toml instead.

[charris]

I like the requirements files as they are easy to use with pip. We will need 0.29.23 for Python 3.10. It looks like dependabot supports pyproject.toml files these days, maybe we can use it to maintain both.