WIP: More link fixes, rewording

jhogberg · jhogberg · commit dea105b42a57 · 2025-12-04T10:39:00.000+01:00
diff --git a/system/doc/design_principles/secure_coding.md b/system/doc/design_principles/secure_coding.md
@@ -954,8 +954,8 @@ B = ets:lookup(registered_table, KeyB).
 #### [`DSG-011`] - Only Deserialize Trusted Data
 [`DSG-011`]: #rule-dsg-011
 
-There exist a variety of functionality in Erlang/OTP that serialize general
-Erlang terms. Such functionality is intended to be used in a trusted
+Erlang/OTP provides various functionality that serializes and deserializes
+general Erlang terms. Such functionality is intended to be used in a trusted
 environment and is not suitable for communication with untrusted entities. For
 example, you do not want to load a [`mnesia`] backup from an untrusted entity.
 One issue with this being the potential for atom exhaustion, but more
@@ -1247,7 +1247,7 @@ Related CWEs and OWASP risks: [CWE-242], [CWE-489], [`A06:2025`]
 
 | Unsafe functionality                       | Alternative functionality                                           | Note                                          |
 |:-------------------------------------------|:--------------------------------------------------------------------|:----------------------------------------------|
-| Undocumented functions/functionality       | *Only* use documented and supported functionality                   | See [Undocumented Functions/Functionality]    |
+| Undocumented functions/functionality       | *Only* use documented and supported functionality                   | See [`DSG-004`]                               |
 | [`open_port/2`] with `{spawn, _}` argument | [`open_port/2`] with `{spawn_executable\|spawn_driver, _}` argument | See [`MSC-003`]                               |
 | `m:http_uri` module                        | `m:uri_string` module                                               |                                               |
 | `crypto:start/0`                           | `application:start(crypto)`                                         | See [Initializing `crypto`]                   |
@@ -1307,7 +1307,7 @@ Related CWEs and OWASP risks: [CWE-242], [CWE-489], [`A06:2025`]
 | `ssl:prf/5`                                | `ssl:export_key_materials/4`                                        |                                        |
 | `ssl:prf/5`                                | `ssl:export_key_materials/4`                                        |                                        |
 | `ssl:prf/5`                                | `ssl:export_key_materials/4`                                        |                                        |
-| Deprecated functionality                   |                                                                     | See [Deprecated Functionality]         |
+| Deprecated functionality                   |                                                                     | See [`DSG-005`]                        |
 
 [`binary_to_atom/1`]: `erlang:binary_to_atom/1`
 [`binary_to_atom/2`]: `erlang:binary_to_atom/2`
@@ -1761,8 +1761,8 @@ Erlang/OTP, covering both the [CWE Top 25] and the [On The Cusp] list.
    
    [CWE-312]: https://cwe.mitre.org/data/definitions/312.html
 
-## OWASP Top 10
 [](){: #owasp-top-10 }
+## OWASP Top 10
 [OWASP Top 10]: #owasp-top-10
 
 This section comments on the [top ten security risks] as catalogued by [OWASP].
@@ -1884,8 +1884,8 @@ these risks.
    
    [A10:2025]: https://owasp.org/Top10/2025/A10_2025-Mishandling_of_Exceptional_Conditions/
 
-## OWASP API Security Top 10
 [](){: #owasp-api-top-10 }
+## OWASP API Security Top 10
 [OWASP API Security Top 10]: #owasp-api-top-10
 
 This section comments on the [top ten API security risks] as catalogued by
