Apply suggestions from code review

Co-authored-by: Matthew John Cheetham <[email protected]>

README.md

@@ -4,19 +4,19 @@
 
 ---
 
-[Git Credential Manager][gcm] (GCM) is a secure Git credential helper built on [.NET][] that runs on Windows, macOS, and Linux.
+[Git Credential Manager][gcm] (GCM) is a secure Git credential helper built on [.NET][dotnet] that runs on Windows, macOS, and Linux.
 
-Compared to Git's [built-in credential helpers][git-tools-credential-storage] (Windows: wincred, macOS: osxkeychain, Linux: gnome-keyring/libsecret) which provides single-factor authentication support working on any HTTP-enabled Git repository, GCM provides multi-factor authentication support for [Azure DevOps][], Azure DevOps Server (formerly Team Foundation Server), GitHub, and Bitbucket.
+Compared to Git's [built-in credential helpers][git-tools-credential-storage] (Windows: wincred, macOS: osxkeychain, Linux: gnome-keyring/libsecret) which provides single-factor authentication support working on any HTTP-enabled Git repository, GCM provides multi-factor authentication support for [Azure DevOps][azure-devops], Azure DevOps Server (formerly Team Foundation Server), GitHub, and Bitbucket, and GitLab.
 
 Git Credential Manager (GCM) replaces the .NET Framework-based [Git Credential Manager for Windows][gcm-for-windows] (GCM), and the Java-based [Git Credential Manager for Mac and Linux][gcm-for-mac-and-linux] (Java GCM), providing a consistent authentication experience across all platforms.
 
 ## Current status
 
 Git Credential Manager is currently available for Windows, macOS, and Linux\*. GCM only works with HTTP(S) remotes; you can still use Git with SSH:
 
-- [Azure DevOps SSH][]
-- [GitHub SSH][]
-- [Bitbucket SSH][]
+- [Azure DevOps SSH][azure-devops-ssh]
+- [GitHub SSH][github-ssh]
+- [Bitbucket SSH][bitbucket-ssh]
 
 Feature|Windows|macOS|Linux
 -|:-:|:-:|:-:
@@ -162,7 +162,7 @@ rm $(command -v git-credential-manager-core)
 
 ### Windows
 
-GCM is included with [Git for Windows][], and the latest version is included in each new Git for Windows release. This is the preferred way to install GCM on Windows. During installation you will be asked to select a credential helper, with GCM being set as the default.
+GCM is included with [Git for Windows][git-for-windows], and the latest version is included in each new Git for Windows release. This is the preferred way to install GCM on Windows. During installation you will be asked to select a credential helper, with GCM being set as the default.
 
 ![image][git-for-windows-screenshot]
 
@@ -222,7 +222,7 @@ Git that are not compatible.
 
 Once it's installed and configured, Git Credential Manager is called implicitly by Git.
 You don't have to do anything special, and GCM isn't intended to be called directly by the user.
-For example, when pushing (`git push`) to [Azure DevOps][], [Bitbucket][], or [GitHub][], a window will automatically open and walk you through the sign-in process.
+For example, when pushing (`git push`) to [Azure DevOps][azure-devops], [Bitbucket][bitbucket], or [GitHub][github], a window will automatically open and walk you through the sign-in process.
 (This process will look slightly different for each Git host, and even in some cases, whether you've connected to an on-premises or cloud-hosted Git host.)
 Later Git commands in the same repository will re-use existing credentials or tokens that GCM has stored for as long as they're valid.
 
@@ -263,12 +263,12 @@ This project follows [GitHub's Open Source Code of Conduct][gcm-coc].
 We're [MIT][gcm-license] licensed.
 When using GitHub logos, please be sure to follow the [GitHub logo guidelines][github-logos].
 
-[Azure DevOps]: https://dev.azure.com/
-[Azure DevOps SSH]: https://docs.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops
-[Bitbucket]: https://bitbucket.org
-[Bitbucket SSH]: https://confluence.atlassian.com/bitbucket/ssh-keys-935365775.html
+[azure-devops]: https://dev.azure.com/
+[azure-devops-ssh]: https://docs.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops
+[bitbucket]: https://bitbucket.org
+[bitbucket-ssh]: https://confluence.atlassian.com/bitbucket/ssh-keys-935365775.html
 [build-status-badge]: https://github.com/GitCredentialManager/git-credential-manager/actions/workflows/continuous-integration.yml/badge.svg
-[.NET]: https://dotnet.microsoft.com
+[dotnet]: https://dotnet.microsoft.com
 [gcm]: https://github.com/GitCredentialManager/git-credential-manager
 [gcm-arch]: docs/architecture.md
 [gcm-azure-tokens]: docs/azrepos-users-and-tokens.md
@@ -291,11 +291,11 @@ When using GitHub logos, please be sure to follow the [GitHub logo guidelines][g
 [gcm-usage]: docs/usage.md
 [gcm-windows-broker]: docs/windows-broker.md
 [gcm-wsl]: docs/wsl.md
-[Git for Windows]: https://gitforwindows.org/
+[git-for-windows]: https://gitforwindows.org/
 [git-for-windows-screenshot]: https://user-images.githubusercontent.com/5658207/140082529-1ac133c1-0922-4a24-af03-067e27b3988b.png
 [git-tools-credential-storage]: https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage
-[GitHub]: https://github.com
-[GitHub SSH]: https://help.github.com/en/articles/connecting-to-github-with-ssh
+[github]: https://github.com
+[github-ssh]: https://help.github.com/en/articles/connecting-to-github-with-ssh
 [github-logos]: https://github.com/logos
 [latest-release]: https://github.com/GitCredentialManager/git-credential-manager/releases/latest
 [ms-package-repos]: https://packages.microsoft.com/repos/

docs/architecture.md

@@ -44,15 +44,15 @@ library (C#). The library targets .NET Standard as well as .NET Framework.
 > **Note**
 >
 > The reason for also targeting .NET Framework directly is that the
-> `Microsoft.Identity.Client` ([MSAL.NET][])
+> `Microsoft.Identity.Client` ([MSAL.NET][msal])
 > library requires a .NET Framework target to be able to show the embedded web
 > browser auth pop-up on Windows platforms.
 >
 > There are extension points that now exist in MSAL.NET meaning we can plug-in
 > our own browser pop-up handling code on .NET meaning both Windows and
 > Mac. We haven't yet gotten around to exploring this.
 >
-> See [GCM issue 113][] for more information.
+> See [GCM issue 113][issue-113] for more information.
 
 The entry-point for GCM can be found in the `Git-Credential-Manager`
 project, a console application that targets both .NET and .NET Framework.
@@ -81,7 +81,7 @@ helpers on Windows.
 
 We hope to be able to migrate the WPF/Windows only helpers to [Avalonia][]
 in order to gain cross-platform graphical user interface support. See
-[GCM issue 136][] for up-to-date progress on this effort.
+[GCM issue 136][issue-136] for up-to-date progress on this effort.
 
 ### Microsoft authentication
 
@@ -147,7 +147,7 @@ Git Credential Manager maintains a set of known commands including
 GCM also maintains a set of known, registered host providers that implement
 the `IHostProvider` interface. Providers register themselves by adding an
 instance of the provider to the `Application` object via the `RegisterProvider`
-method in [`Core.Program`][].
+method in [`Core.Program`][core-program].
 The `GenericHostProvider` is registered last so that it can handle all other
 HTTP-based remotes as a catch-all, and provide basic username/password auth and
 detect the presence of Windows Integrated Authentication (Kerberos, NTLM,

docs/autodetect.md

@@ -18,7 +18,7 @@ In order to detect which host provider to use for a self-hosted instance, each
 provider can provide some heuristic matching of the hostname. For example any
 hostname that begins "github.*" will be matched to the GitHub host provider.
 
-If a heuristic matches incorrectly, you can always [explicitly configure][]
+If a heuristic matches incorrectly, you can always [explicitly configure][explicit-config]
 GCM to use a particular provider.
 
 ## Remote URL probing
@@ -28,7 +28,7 @@ URL and inspect HTTP response headers to try and detect a self-hosted instance.
 
 This network call is only performed if neither an exact nor fuzzy match by
 hostname can be made. Only one HTTP `HEAD` call is made per credential request
-received by Git. To avoid this network call, please [explicitly configure][]
+received by Git. To avoid this network call, please [explicitly configure][explicit-config]
 the host provider for your self-hosted instance.
 
 After a successful detection of the host provider, GCM will automatically set
@@ -65,6 +65,6 @@ git config --global credential.ghe.example.com.provider github
 
 [`credential.autoDetectTimeout`]: configuration.md#credentialautodetecttimeout
 [`credential.provider`]: configuration.md#credentialprovider
-[explicitly configure]: #manual-configuration
+[explicit-config]: #manual-configuration
 [`GCM_AUTODETECT_TIMEOUT`]: environment.md#GCM_AUTODETECT_TIMEOUT
 [`GCM_PROVIDER`]: environment.md#GCM_PROVIDER

docs/azrepos-users-and-tokens.md

@@ -18,7 +18,7 @@ Historically, the only option supported by the Azure Repos host provider was
 Azure DevOps Personal Access Tokens (PATs).
 
 These PATs are only used by Azure DevOps, and must be [managed through the Azure
-DevOps user settings page][azure-devops-pats] or [REST API][].
+DevOps user settings page][azure-devops-pats] or [REST API][azure-devops-api].
 
 PATs have a limited lifetime and new tokens must be created once they expire. In
 Git Credential Manager, when a PAT expired (or was manually revoked) this
@@ -188,7 +188,7 @@ inherited).
 
 To associate a user account with a particular Git remote you must manually edit
 the remote URL using `git config` commands to include the username in the
-[user information][] part of the URL.
+[user information][rfc3986-s321] part of the URL.
 
 ```shell
 git config --local remote.origin.url https://alice-alt%[email protected]/project/_git/repo
@@ -221,5 +221,5 @@ fabrikam:
 [azure-devops-pats]: https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=preview-page
 [`credential.azreposCredentialType`]: configuration.md#credentialazreposcredentialtype
 [`GCM_AZREPOS_CREDENTIALTYPE`]: environment.md#GCM_AZREPOS_CREDENTIALTYPE
-[REST API]: https://docs.microsoft.com/en-gb/rest/api/azure/devops/tokens/pats
-[user information]: https://tools.ietf.org/html/rfc3986#section-3.2.1
+[azure-devops-api]: https://docs.microsoft.com/en-gb/rest/api/azure/devops/tokens/pats
+[rfc3986-s321]: https://tools.ietf.org/html/rfc3986#section-3.2.1

docs/bitbucket-development.md

@@ -7,15 +7,15 @@ Additionally Bitbucket supports App-specific passwords which can be used via Bas
 To enhance security Bitbucket offers optional Two-Factor Authentication (2FA). When 2FA is enabled username/password Basic Auth access to the REST APIs and to Git repositories is suspended.
 At that point users are left with the choice of username/apps-specific-password Basic Auth for REST APIs and Git interactions, OAuth for REST APIs and Git/Hg interactions or SSH for Git/HG interactions and one of the previous choices for REST APIs.
 SSH and REST API access are beyond the scope of this document.
-Read about [Bitbucket's 2FA implementation][].
+Read about [Bitbucket's 2FA implementation][2fa-impl].
 
 App-specific passwords are not particularly user friendly as once created Bitbucket hides their value, even from the owner.
 They are intended for use within application that talk to Bitbucket where application can remember and use the app-specific-password.
-[Additional information][].
+[Additional information][additional-info].
 
 OAuth is the intended authentication method for user interactions with HTTPS remote URL for Git repositories when 2FA is active.
 Essentially once a client application has an OAuth access token it can be used in place of a user's password.
-Read more about information [Bitbucket's OAuth implementation][].
+Read more about information [Bitbucket's OAuth implementation][oauth-impl].
 
 Bitbucket's OAuth implementation follows the standard specifications for OAuth 2.0, which is out of scope for this document.
 However it implements a comparatively rare part of OAuth 2.0 Refresh Tokens.
@@ -30,7 +30,7 @@ This is explained in more detail below.
 
 ## Multiple User Accounts
 
-Unlike the GitHub implementation within the Git Credential Manager, the Bitbucket implementation stores 'secrets', passwords, app-specific passwords, or OAuth tokens, with usernames in the [Windows Credential Manager][] vault.
+Unlike the GitHub implementation within the Git Credential Manager, the Bitbucket implementation stores 'secrets', passwords, app-specific passwords, or OAuth tokens, with usernames in the [Windows Credential Manager][wincred-manager] vault.
 
 Depending on the circumstances this means either saving an explicit username in to the Windows Credential Manager/Vault or including the username in the URL used as the identifying key of entries in the Windows Credential Manager vault, i.e. using a key such as `git:https://[email protected]/` rather than `git:https://bitbucket.org`.
 This means that the Bitbucket implementation in the GCM can support multiple accounts, and usernames,  for a single user against Bitbucket, e.g. a personal account and a work account.
@@ -81,10 +81,10 @@ This will download and run a standalone instance of Bitbucket Server which can b
 
 Atlassian has [documentation][] on how to download and install their SDK.
 
-[Additional information]:https://confluence.atlassian.com/display/BITBUCKET/App+passwords
+[additional-info]:https://confluence.atlassian.com/display/BITBUCKET/App+passwords
 [atlas-run-standalone]: https://developer.atlassian.com/server/framework/atlassian-sdk/atlas-run-standalone/
 [bitbucket.org]: https://bitbucket.org
-[Bitbucket's 2FA implementation]: https://confluence.atlassian.com/bitbucket/two-step-verification-777023203.html
-[Bitbucket's OAuth implementation]: https://confluence.atlassian.com/bitbucket/oauth-on-bitbucket-cloud-238027431.html
+[2fa-impl]: https://confluence.atlassian.com/bitbucket/two-step-verification-777023203.html
+[oauth-impl]: https://confluence.atlassian.com/bitbucket/oauth-on-bitbucket-cloud-238027431.html
 [documentation]: https://developer.atlassian.com/server/framework/atlassian-sdk/
-[Windows Credential Manager]: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374792(v=vs.85).aspx
+[wincred-manager]: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374792(v=vs.85).aspx