docs: removes links to repo settings not accessible for non-maintainers

Author: hartmut-co-uk

README.md

@@ -91,7 +91,7 @@ The GH actions job [callable.publish-sonatype.yml](.github/workflows/callable.pu
 | `GPG_SIGNING_KEY`        | The GPG private key to sign your artifacts (in ascii-armored format). You can obtain it with `gpg --armor --export-secret-keys <[email protected]>` or you can create one key online on [pgpkeygen.com](https://pgpkeygen.com). |
 | `GPG_SIGNING_PASSPHRASE` | The passphrase for unlocking the secret key. (you picked it when creating the key).                                                                                                                                           |
 
-Please define the secrets via your repository settings. ([Settings > Security > Secrets and variables > Actions](settings/secrets/actions))
+Please define the secrets via your repository settings. (Settings > Security > Secrets and variables > Actions)
 <img width="800" alt="Preview of Javadoc published to GitHub Pages by the CI/CD pipeline" src="https://github.com/thriving-dev/java-library-template/assets/10864443/e6cf928c-6665-43fc-9506-c29d210b18de">
 
 ## Release Process
@@ -144,7 +144,7 @@ To host the generated Javadoc, configure GitHub Pages for your repository to dep
 
 ## Security & CodeQL Analysis
 ### Common Vulnerabilities and Exposures (CVE)
-The libraries gradle dependencies are scanned for known [CVE](https://www.cve.org/) with **[aquasecurity/trivy](https://github.com/aquasecurity/trivy)**. The scan results can be reviewed and managed under [Security > Vulnerability alerts > Code scanning](https://github.com/thriving-dev/java-library-template/security/code-scanning).
+The libraries gradle dependencies are scanned for known [CVE](https://www.cve.org/) with **[aquasecurity/trivy](https://github.com/aquasecurity/trivy)**. The scan results can be reviewed and managed under 'Security > Vulnerability alerts > Code scanning'.
 
 Scans are triggered 
 1. with each main CI/CD pipeline run