Update docs/Concise-Guide-for-Developing-More-Secure-Software.md

Co-authored-by: Georg Kunz <[email protected]>
Signed-off-by: David A. Wheeler <[email protected]>

Author: david-a-wheeler

docs/Concise-Guide-for-Developing-More-Secure-Software.md

@@ -36,7 +36,7 @@ Here is a concise guide for all software developers for secure software developm
 27. **If a source code (unbuilt) package is released, it should only include content from the version control system (VCS), and source package users should rebuild, if needed, to create production (built) package(s)**. E.g., if autotools is used, if a source package is released it should _not_ include a generated `configure` file, while recipients should ignore pre-generated files like `configure` and instead rebuild from source (e.g., with `autoreconf`). This eliminates a malware-hiding mechanism, as illustrated by an attack on [xz utils](https://access.redhat.com/security/cve/CVE-2024-3094).
 28. **Ensure production websites only load assets from your own domains**. _Linking_ to other domains is fine, but where practical, don't directly load assets such as JavaScript, CSS, and media (including images) from domains you do not control. If you do, your site might be subverted if that other domain is subverted, so investigate the risks before doing so. See the [subverted polyfill.io revelation in 2024](https://blog.qualys.com/vulnerabilities-threat-research/2024/06/28/polyfill-io-supply-chain-attack).
 29. **Apply focused security guidelines**. Consult focused [OpenSSF guides](https://openssf.org/resources/guides/) as applicable, such as the
-[Compiler Options Hardening Guide for C and C++])[https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++],
+[Compiler Options Hardening Guide for C and C++](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++),
 [npm Best Practices Guide](https://github.com/ossf/package-manager-best-practices/blob/main/published/npm.md#readme), and the guide to [Correctly Using Regular Expressions for Secure Input Validation](https://best.openssf.org/Correctly-Using-Regular-Expressions).
 
 We welcome suggestions and updates! Please open an [issue](https://github.com/ossf/wg-best-practices-os-developers/issues/) or post a [pull request](https://github.com/ossf/wg-best-practices-os-developers/pulls).