The documentation mentioned that SafeLoader only used the standard
tags, but I guess I didn't take that seriously; it came as a bit of a
surprise when yaml.safe_load didn't load tags I'd added using
yaml.add_constructor. Is there no middle ground between allowing users
to call arbitrary callables and only allowing users to create a select
few types? I need the security of not unpickling things by accident,
but very much want to use my own tags.