
Security issue in dependencies #854

Closed
PeterDaveHello opened this issue Aug 10, 2015 · 2 comments

Comments

@PeterDaveHello

serve-static Open Redirect 1.5.3

CVE-2015-1164
Credit: Pierre-Élie Fauché
Vulnerable: <1.6.5 || >=1.7.0 <1.7.2
Patched: ~1.6.5 || >=1.7.2

https://nodesecurity.io/advisories/serve-static-open-redirect

Shall we upgrade serve-static to 1.6.5 or something?

Because there is no CI or unit test, I'm afraid that upgrading dependencies will break the functions.
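As an added example that is not part of this thread or of the StackEdit project, the following Node.js script evaluates the advisory's version ranges quoted above against an installed version, so a maintainer can tell whether a given serve-static version falls in the vulnerable or the patched range before bumping it. It implements only the range operators the advisory uses (<, >=, ~, whitespace as AND, || as OR) rather than pulling in the npm semver package; the list of sample versions at the bottom is constructed input, not real data from the project.

```javascript
// Added example: check an installed serve-static version against the
// advisory ranges from CVE-2015-1164. Implements a minimal subset of
// semver range syntax; no npm dependencies required.

// Parse "1.6.5" (optionally "v1.6.5") into [major, minor, patch].
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(v.trim());
  if (!m) throw new Error(`not a semver version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Lexicographic comparison of two parsed versions: -1, 0 or 1.
function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// One comparator such as "<1.6.5", ">=1.7.2", "~1.6.5" or a bare version.
function matchesComparator(version, comp) {
  const m = /^(<=|>=|<|>|~|=)?(\d+\.\d+\.\d+)$/.exec(comp);
  if (!m) throw new Error(`unsupported comparator: ${comp}`);
  const op = m[1] || '=';
  const target = parseVersion(m[2]);
  const c = compare(version, target);
  switch (op) {
    case '<': return c < 0;
    case '<=': return c <= 0;
    case '>': return c > 0;
    case '>=': return c >= 0;
    case '=': return c === 0;
    case '~': // ~1.6.5 means >=1.6.5 <1.7.0 (same major.minor, patch >= target)
      return c >= 0 && version[0] === target[0] && version[1] === target[1];
    default: throw new Error(`unsupported operator: ${op}`);
  }
}

// Range grammar used by the advisory: alternatives separated by "||",
// each alternative a whitespace-separated conjunction of comparators.
function satisfies(versionStr, range) {
  const version = parseVersion(versionStr);
  return range.split('||').some(alt =>
    alt.trim().split(/\s+/).every(comp => matchesComparator(version, comp))
  );
}

// Ranges exactly as quoted from the advisory in the issue.
const ADVISORY = {
  name: 'serve-static',
  cve: 'CVE-2015-1164',
  vulnerable: '<1.6.5 || >=1.7.0 <1.7.2',
  patched: '~1.6.5 || >=1.7.2',
};

// Decide for one installed version whether the advisory applies.
function assess(installed) {
  return {
    installed,
    vulnerable: satisfies(installed, ADVISORY.vulnerable),
    patched: satisfies(installed, ADVISORY.patched),
  };
}

// Constructed sample versions, standing in for what `npm ls serve-static`
// might report in different checkouts.
const SAMPLE_VERSIONS = ['1.5.3', '1.6.4', '1.6.5', '1.7.0', '1.7.1', '1.7.2'];

for (const v of SAMPLE_VERSIONS) {
  const r = assess(v);
  console.log(`${ADVISORY.name}@${v}: ${r.vulnerable ? 'VULNERABLE' : 'ok'} (${ADVISORY.cve})`);
}
```

Note that the two ranges are not simple complements: 1.6.x versions below 1.6.5 and 1.7.0/1.7.1 are vulnerable, while `~1.6.5` marks the whole 1.6.5+ patch line as fixed, which is why upgrading to 1.6.5 (as the thread proposes) is a minimal, in-minor-version fix rather than a jump to 1.7.2.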

@jesperronn

Speaking of CI or unit tests, #729 contains the necessary code to set up Travis for building.

I did not get any feedback, but will be pleased to know if it works for you.

I did not get around to unit testing, since these days I am developing specific functionality for Stackedit.

Good to see the patch, I could not think it would break stackedit, but you probably want @benweet to confirm that.

@PeterDaveHello (Author)

In fact, without unit tests, travis-ci cannot help at all.

BTW @jesperronn, there are many whitespace changes and commits in that PR which are not really meaningful. I can only see that you added .travis.yml and updated part of developer-guide.md, so I'd respectfully suggest you remove those whitespace changes and just squash your commits into two parts: add .travis.yml and update developer-guide.md. It'll be clean and clear, and easier to trace, audit and review.

benweet added a commit that referenced this issue Oct 12, 2015
bump dependency - serve-static to 1.6.5, fix #854
2 participants