Upgrade pyyaml to 5.1

[truthbk]

What does this PR do?

Bumps PyYaml to the latest 5.1.

Motivation

Enable new full_load() option for customers perhaps wanting to use that after load_all() was patched for security reasons.

Notes:

Not sure how you guys are dealing with versioning at the moment! Please enlighten me! :)

Related PRs: DataDog/omnibus-software#311, DataDog/dd-agent#3839

[codecov]

Codecov Report

Merging #3698 into master will decrease coverage by 3.44%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #3698      +/-   ##
==========================================
- Coverage    86.2%   82.75%   -3.45%     
==========================================
  Files         729       93     -636     
  Lines       37497     5736   -31761     
  Branches     4494      667    -3827     
==========================================
- Hits        32325     4747   -27578     
+ Misses       3947      838    -3109     
+ Partials     1225      151    -1074

[truthbk]

@ofek is this good to be merged? No need to manually bump versions or anything like that?

[truthbk]

Note: Further context on why the monkey patch has been kept in place follows. The pyyaml authors go on to say the following about the 5.1 release yaml/pyyaml#257):

We still recommend that people choose SafeLoader for untrusted data, but
aribitrary code execution will no longer be possible using yaml.load() with
the default loader (FullLoader). FullLoader will instantiate objects of classes
that you have imported. Since object instantiation runs the class's constructor code, that may be exploitable.

Because the FullLoader still presents some exploitable vector we will wait for 6.0, when yaml.load() will raise an exception if no loader is specified in the calling code, to remove the monkey patch.