Add use of safe_load() function in README (#285)

sblondon · perlpunk · commit 6549385d53d9 · 2019-12-07T22:44:29.000+01:00
It helps people to use `safe_load` if they discover the library.
It's more secure if `safe_load()` is used by default, and `load()` is used if it's necessary (and the developer knows what is does).
diff --git a/README b/README
@@ -15,6 +15,10 @@ parser and emitter as follows:
     >>> yaml.load(stream, Loader=yaml.CLoader)
     >>> yaml.dump(data, Dumper=yaml.CDumper)
 
+If you don't trust the input stream, you should use:
+
+    >>> yaml.safe_load(stream)
+
 PyYAML includes a comprehensive test suite.  To run the tests,
 type 'python setup.py test'.
 
