Vulnerability in PyYAML

[shawnsarwar]

Bravado requires pyyaml, which currently has a known critical bug on versions <= 4.1

Here'e a related thread from the pyyaml board:

[macisamuele]

@shawnsarwar bravado depends on PyYAML but it does not have requirement for a certain version of the library. Would be acceptable to add in your dependencies a min requirement for PyYAML such that the security of the final product is not impacted?