add more golangci-lint checks

.golangci.yml

@@ -1,6 +1,24 @@
 linters:
   enable:
+    - dogsled
+    - dupl
     - goimports
-    - stylecheck
+    - gosec
     - misspell
+    - nakedret
+    - stylecheck
+    - unconvert
+    - unparam
     - whitespace
+
+issues:
+  exclude-rules:
+    # Some cache implementations use md5 hashes for cached filenames.  There is
+    # a slight risk of cache poisoning if an attacker could construct a URL
+    # with the same hash, but it would also need to be allowed by the proxies
+    # security settings.  Changing these to a more secure hash algorithm would
+    # result in 100% cache misses when users upgrade. For now, just leave these
+    # alone.
+    - path: internal/.*cache
+      linters: gosec
+      text: G(401|501)

cmd/imageproxy-sign/main.go

@@ -53,7 +53,7 @@ func sign(key string, s string, urlOnly bool) ([]byte, error) {
 		return nil, fmt.Errorf("error parsing key: %v", err)
 	}
 
-	mac := hmac.New(sha256.New, []byte(k))
+	mac := hmac.New(sha256.New, k)
 	if _, err := mac.Write([]byte(u.String())); err != nil {
 		return nil, err
 	}