[flake8-bandit/S506] Dont report violation when SafeLoader is imported from yaml.loader

[mikaelarguedas]

Summary

Hey there 👋 thanks for this great project!

On python code looking like the following

import yaml
from yaml.loader import SafeLoader

with MY_FILE_PATH.open("r") as my_file:
    my_data = yaml.load(my_file, Loader=SafeLoader)

ruff reports this error:

S506 Probable use of unsafe loader `SafeLoader` with `yaml.load`. Allows instantiation of arbitrary objects. Consider `yaml.safe_load`.

This PR is an attempt to support SafeLoader being imported for either yaml or yaml.loader

Disclaimer:
I am not familiar with Rust so this is likely not the better way of doing it. Interested in hearing how to adapt this PR to provide similar behavior in a better way

Test Plan

The S506.py file was updated accordingly to cover the use cases and test were confirmed to pass with this change.

[github-actions]

ruff-ecosystem results

Linter (stable)

ℹ️ ecosystem check encountered linter errors. (no lint changes; 1 project error)

pypa/setuptools (error)

ruff failed
  Cause: 'quote-style = preserve' is a preview only feature. Run with '--preview' to enable it.

Linter (preview)

✅ ecosystem check detected no linter changes.

[charliermarsh]

Thanks, this is great! I just collapsed the matches! calls into a single pattern-match rather than two separate macros.