Fix lint checks.

.golangci.yml

@@ -31,6 +31,7 @@ issues:
         - scopelint # Otherwise you need tc := tc. This isn't actually a problem unless tests are being run in parallel.
         - lll # Don't do line length checks in test code.
         - dupl # Sometimes we duplicate a bunch in tests for the sake of clarity.
+        - gosec # Don't run gosec, it's insecure because it's a test
     - path: nacl/secretbox
       linters:
         - gosec # Don't run gosec on nacl/secretbox* because we know it uses crypto/md5. TODO: Evaluate if this makes sense.
@@ -43,9 +44,6 @@ issues:
     - path: grpc/
       linters:
         - lll # GRPC code has notoriously long function signatures.
-    - path: testing/mustcert/example_test.go
-      linters:
-        - gosec # Don't run gosec, it's insecure because it's a test
 
 linters-settings:
   misspell:

dynoid/example_test.go

@@ -1,7 +1,6 @@
 package dynoid_test
 
 import (
-	"context"
 	"fmt"
 
 	"github.com/heroku/x/dynoid"
@@ -10,17 +9,10 @@ import (
 
 const AUDIENCE = "testing"
 
-var (
-	ctx   context.Context
-	token string
-)
-
-func init() {
+func ExampleVerifier() {
 	// Normally a token would be passed in, but for testing we'll generate one
-	ctx, token = internal.GenerateToken(AUDIENCE)
-}
+	ctx, token := internal.GenerateToken(AUDIENCE)
 
-func ExampleVerifier() {
 	verifier := dynoid.New(AUDIENCE)
 	verifier.IssuerCallback = dynoid.AllowHerokuHost("heroku.local") // heroku.com for production
 

dynoid/middleware/example_test.go

@@ -13,7 +13,9 @@ const AUDIENCE = "testing"
 func Example() {
 	authorized := middleware.AuthorizeSameSpace(AUDIENCE)
 	secureHandler := authorized(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
-		io.WriteString(w, "Hello from a secure endpoint!\n")
+		if _, err := io.WriteString(w, "Hello from a secure endpoint!\n"); err != nil {
+			log.Printf("error writing response (%v)", err)
+		}
 	}))
 
 	http.Handle("/secure", secureHandler)