Python's yaml package shipped with an insecure default loader. They've

added a deprecation warning for this, which was showing up when

triggering Travis CI jobs. I've added an explicit use of the

SafeLoader

Posted a change that triggered a Travis CI build and saw that

deprecation warnings were gone.