Fix Security/YAMLLoad offences

The cop is disabled for the `TextDirectionTest` because

Replacing `YAML.load` with `YAML.safe_load` produces the following
test failure:

```
TextDirectionTest#test_explicitly_sets_text_direction_for_en.yml:
Psych::BadAlias: Unknown alias: nested_attachment_field_names
```

The en.yml file contains the folowing line which appears to be invalid YAML:

```
nested_attachment_field_names: &nested_attachment_field_names
```

See #3684

test/unit/address_formatter/h_card_test.rb

@@ -8,7 +8,7 @@
 class AddressFormatter::HCardTest < ActiveSupport::TestCase
   setup do
     @old_formats = AddressFormatter::Formatter.address_formats
-    AddressFormatter::Formatter.address_formats = YAML.load(%{
+    AddressFormatter::Formatter.address_formats = YAML.safe_load(%{
       es: |-
           {{fn}}
           {{street-address}}

test/unit/address_formatter/json_test.rb

@@ -7,7 +7,7 @@
 class AddressFormatter::JsonTest < ActiveSupport::TestCase
   setup do
     @old_formats = AddressFormatter::Formatter.address_formats
-    AddressFormatter::Formatter.address_formats = YAML.load(%{
+    AddressFormatter::Formatter.address_formats = YAML.safe_load(%{
       gb: |-
           {{fn}}
           {{street-address}}

test/unit/address_formatter/text_test.rb

@@ -8,7 +8,7 @@
 class AddressFormatter::TextTest < ActiveSupport::TestCase
   setup do
     @old_formats = AddressFormatter::Formatter.address_formats
-    AddressFormatter::Formatter.address_formats = YAML.load(%{
+    AddressFormatter::Formatter.address_formats = YAML.safe_load(%{
       es: |-
           {{fn}}
           {{street-address}}

test/unit/text_direction_test.rb

@@ -5,7 +5,7 @@ class TextDirectionTest < ActiveSupport::TestCase
 
   paths.each do |path|
     test "explicitly sets text direction for #{File.basename(path)}" do
-      data = YAML.load(File.read(path))
+      data = YAML.load(File.read(path)) # rubocop:disable Security/YAMLLoad
       locale = data.keys.first
 
       i18n = data[locale]["i18n"]