From 9f7324355999336590cf6cc7e0e0046bb128f844 Mon Sep 17 00:00:00 2001
From: ulli <ulli@mit.edu>
Date: Thu, 6 Aug 2020 20:55:39 -0400
Subject: [PATCH 1/3] Fix security vulnerability. Our collaborator identified
 the of sqlalchemy as problematic.

Conda says, when building the notebook image, that bayeslite has an indirect dependency
to sqlalchemy. However, when I make this dependency explicit, bayeslite complains that
CGPM doesn't like. Thus pushing to a branch here to see the conda  build
on travis.

Sosqlalchemy making this dependency explicit and bumping it's version should solve
the problem.
---
 conda/meta.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/conda/meta.yaml b/conda/meta.yaml
index ba87077e..d60e849f 100644
--- a/conda/meta.yaml
+++ b/conda/meta.yaml
@@ -14,6 +14,7 @@ requirements:
     - matplotlib 1.5.*
     - numpy 1.11.*
     - python 2.7.*
+    - sqlalchemy 1.3.18
   run:
     - nomkl
     - matplotlib 1.5.*
@@ -23,6 +24,7 @@ requirements:
     - scikit-learn 0.17.*
     - scipy 0.17.*
     - statsmodels 0.6.*
+    - sqlalchemy 1.3.18
 
 test:
   requires:

From a459dbd51e7b2fa493dcc51e26140be76d1e93ee Mon Sep 17 00:00:00 2001
From: ulli <ulli@mit.edu>
Date: Thu, 6 Aug 2020 21:11:08 -0400
Subject: [PATCH 2/3] Undo previous commits as this fails with mysterious
 python version issues on travis.

---
 conda/meta.yaml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/conda/meta.yaml b/conda/meta.yaml
index d60e849f..ba87077e 100644
--- a/conda/meta.yaml
+++ b/conda/meta.yaml
@@ -14,7 +14,6 @@ requirements:
     - matplotlib 1.5.*
     - numpy 1.11.*
     - python 2.7.*
-    - sqlalchemy 1.3.18
   run:
     - nomkl
     - matplotlib 1.5.*
@@ -24,7 +23,6 @@ requirements:
     - scikit-learn 0.17.*
     - scipy 0.17.*
     - statsmodels 0.6.*
-    - sqlalchemy 1.3.18
 
 test:
   requires:

From 01b61c3b2acc997ea25dc05f6b9413d0fce6dc16 Mon Sep 17 00:00:00 2001
From: ulli <ulli@mit.edu>
Date: Thu, 6 Aug 2020 21:31:31 -0400
Subject: [PATCH 3/3] Following up on the previous two commits. Trying a lower
 version of sqlalchemy.

---
 conda/meta.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/conda/meta.yaml b/conda/meta.yaml
index ba87077e..b7be2134 100644
--- a/conda/meta.yaml
+++ b/conda/meta.yaml
@@ -14,6 +14,7 @@ requirements:
     - matplotlib 1.5.*
     - numpy 1.11.*
     - python 2.7.*
+    - sqlalchemy 1.3.1
   run:
     - nomkl
     - matplotlib 1.5.*
@@ -23,6 +24,7 @@ requirements:
     - scikit-learn 0.17.*
     - scipy 0.17.*
     - statsmodels 0.6.*
+    - sqlalchemy 1.3.1
 
 test:
   requires: