Update PyYAML to 5.4.1

[emkll]

CI is currently failing in proxy, client and sdk repositories due to CVE-2020-14343. associated to the version of PyYAML used:

• https://app.circleci.com/pipelines/github/freedomofpress/securedrop-sdk/328/workflows/f41a023e-ef44-434b-8d08-316e23075798/jobs/1316
• https://app.circleci.com/pipelines/github/freedomofpress/securedrop-proxy/26/workflows/b2ec6521-c96a-4ca5-9f9d-61e5fec74623/jobs/378
• The failure is in client as well, but CI is passing because of a bug in the safety check call, see https://github.com/freedomofpress/securedrop-client/compare/fix-safety-check

It looks like in the case of Client and SDK, PyYAML is only a dev dependency: only the proxy uses PyYAML in a production context.
@kushaldas has already done a diff review in https://github.com/freedomofpress/securedrop-debian-packaging/wiki/PyYAML-5.3.1-to-5.4.1

[sssoleileraaa]

to avoid having to monitor yet another slack channel, we could add a nightly to the repos to show safety failures in github

[emkll]

to avoid having to monitor yet another slack channel, we could add a nightly to the repos to show safety failures in github

Great idea. I've added a commit for both client and proxy to add nightly CI runs in freedomofpress/securedrop-client#1222 and freedomofpress/securedrop-proxy#82 respectively. (SDK already has nightly builds, see https://github.com/freedomofpress/securedrop-sdk/blob/15bc20af8113148db173add854c7844fad65078e/.circleci/config.yml#L82-L91)