doc: add explicit bracket for markdown reference links

Use explicit trailing `[]` for reference markdown links to prevent
implicit links when references are added to documents.

PR-URL: https://github.com/nodejs/node/pull/29808
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

17 files changed, 93 insertions, 91 deletions

diff --git a/doc/api/assert.md b/doc/api/assert.md
index e89bfcd21d..c2978b1f4f 100644
--- a/doc/api/assert.md
+++ b/doc/api/assert.md
@@ -34,9 +34,9 @@ All instances contain the built-in `Error` properties (`message` and `name`)
 and:
 
 * `actual` {any} Set to the `actual` argument for methods such as
-  [`assert.strictEqual()`].
+  [`assert.strictEqual()`][].
 * `expected` {any} Set to the `expected` value for methods such as
-  [`assert.strictEqual()`].
+  [`assert.strictEqual()`][].
 * `generatedMessage` {boolean} Indicates if the message was auto-generated
   (`true`) or not.
 * `code` {string} Value is always `ERR_ASSERTION` to show that the error is an
@@ -639,7 +639,7 @@ If `message` is falsy, the error message is set as the values of `actual` and
 `message` is provided as third argument it will be used as the error message and
 the other arguments will be stored as properties on the thrown object. If
 `stackStartFn` is provided, all stack frames above that function will be
-removed from stacktrace (see [`Error.captureStackTrace`]). If no arguments are
+removed from stacktrace (see [`Error.captureStackTrace`][]). If no arguments are
 given, the default message `Failed` will be used.
 
 ```js
diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index ba1582bd78..0c98506f1b 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -2076,7 +2076,7 @@ and Ed448 are currently supported.
 
 If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function
 behaves as if [`keyObject.export()`][] had been called on its result. Otherwise,
-the respective part of the key is returned as a [`KeyObject`].
+the respective part of the key is returned as a [`KeyObject`][].
 
 It is recommended to encode public keys as `'spki'` and private keys as
 `'pkcs8'` with encryption for long-term storage:
@@ -2136,7 +2136,7 @@ and Ed448 are currently supported.
 
 If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function
 behaves as if [`keyObject.export()`][] had been called on its result. Otherwise,
-the respective part of the key is returned as a [`KeyObject`].
+the respective part of the key is returned as a [`KeyObject`][].
 
 When encoding public keys, it is recommended to use `'spki'`. When encoding
 private keys, it is recommended to use `'pks8'` with a strong passphrase, and to
diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index 08f45c396e..eaaa5090f8 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -2516,8 +2516,8 @@ changes:
 
 Type: Documentation-only
 
-Prefer [`response.socket`][] over [`response.connection`] and
-[`request.socket`][] over [`request.connection`].
+Prefer [`response.socket`][] over [`response.connection`][] and
+[`request.socket`][] over [`request.connection`][].
 
 <a id="DEP0134"></a>
 ### DEP0134: process._tickCallback
diff --git a/doc/api/errors.md b/doc/api/errors.md
index b0666f0c9b..e13e25827e 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -460,12 +460,12 @@ system error.
 * {number}
 
 The `error.errno` property is a negative number which corresponds
-to the error code defined in [`libuv Error handling`].
+to the error code defined in [`libuv Error handling`][].
 
 On Windows the error number provided by the system will be normalized by libuv.
 
 To get the string representation of the error code, use
-[`util.getSystemErrorName(error.errno)`].
+[`util.getSystemErrorName(error.errno)`][].
 
 ### error.info
 
@@ -1285,8 +1285,8 @@ semantics for determining whether a path can be used is platform-dependent.
 ### ERR_INVALID_HANDLE_TYPE
 
 An attempt was made to send an unsupported "handle" over an IPC communication
-channel to a child process. See [`subprocess.send()`] and [`process.send()`] for
-more information.
+channel to a child process. See [`subprocess.send()`][] and [`process.send()`][]
+for more information.
 
 <a id="ERR_INVALID_HTTP_TOKEN"></a>
 ### ERR_INVALID_HTTP_TOKEN
@@ -1438,7 +1438,7 @@ for more information.
 ### ERR_MANIFEST_ASSERT_INTEGRITY
 
 An attempt was made to load a resource, but the resource did not match the
-integrity defined by the policy manifest. See the documentation for [policy]
+integrity defined by the policy manifest. See the documentation for [policy][]
 manifests for more information.
 
 <a id="ERR_MANIFEST_DEPENDENCY_MISSING"></a>
@@ -1446,7 +1446,7 @@ manifests for more information.
 
 An attempt was made to load a resource, but the resource was not listed as a
 dependency from the location that attempted to load it. See the documentation
-for [policy] manifests for more information.
+for [policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_INTEGRITY_MISMATCH"></a>
 ### ERR_MANIFEST_INTEGRITY_MISMATCH
@@ -1454,20 +1454,20 @@ for [policy] manifests for more information.
 An attempt was made to load a policy manifest, but the manifest had multiple
 entries for a resource which did not match each other. Update the manifest
 entries to match in order to resolve this error. See the documentation for
-[policy] manifests for more information.
+[policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_INVALID_RESOURCE_FIELD"></a>
 ### ERR_MANIFEST_INVALID_RESOURCE_FIELD
 
 A policy manifest resource had an invalid value for one of its fields. Update
 the manifest entry to match in order to resolve this error. See the
-documentation for [policy] manifests for more information.
+documentation for [policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_PARSE_POLICY"></a>
 ### ERR_MANIFEST_PARSE_POLICY
 
 An attempt was made to load a policy manifest, but the manifest was unable to
-be parsed. See the documentation for [policy] manifests for more information.
+be parsed. See the documentation for [policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_TDZ"></a>
 ### ERR_MANIFEST_TDZ
@@ -1479,7 +1479,7 @@ initialization has not yet taken place. This is likely a bug in Node.js.
 ### ERR_MANIFEST_UNKNOWN_ONERROR
 
 A policy manifest was loaded, but had an unknown value for its "onerror"
-behavior. See the documentation for [policy] manifests for more information.
+behavior. See the documentation for [policy][] manifests for more information.
 
 <a id="ERR_MEMORY_ALLOCATION_FAILED"></a>
 ### ERR_MEMORY_ALLOCATION_FAILED
diff --git a/doc/api/fs.md b/doc/api/fs.md
index 7ea6835387..c22e169f1c 100644
--- a/doc/api/fs.md
+++ b/doc/api/fs.md
@@ -3133,7 +3133,7 @@ Using `fs.stat()` to check for the existence of a file before calling
 Instead, user code should open/read/write the file directly and handle the
 error raised if the file is not available.
 
-To check if a file exists without manipulating it afterwards, [`fs.access()`]
+To check if a file exists without manipulating it afterwards, [`fs.access()`][]
 is recommended.
 
 For example, given the following folder structure:
@@ -3541,12 +3541,13 @@ The recursive option is only supported on macOS and Windows.
 This feature depends on the underlying operating system providing a way
 to be notified of filesystem changes.
 
-* On Linux systems, this uses [`inotify(7)`].
-* On BSD systems, this uses [`kqueue(2)`].
-* On macOS, this uses [`kqueue(2)`] for files and [`FSEvents`] for directories.
-* On SunOS systems (including Solaris and SmartOS), this uses [`event ports`].
-* On Windows systems, this feature depends on [`ReadDirectoryChangesW`].
-* On Aix systems, this feature depends on [`AHAFS`], which must be enabled.
+* On Linux systems, this uses [`inotify(7)`][].
+* On BSD systems, this uses [`kqueue(2)`][].
+* On macOS, this uses [`kqueue(2)`][] for files and [`FSEvents`][] for
+  directories.
+* On SunOS systems (including Solaris and SmartOS), this uses [`event ports`][].
+* On Windows systems, this feature depends on [`ReadDirectoryChangesW`][].
+* On Aix systems, this feature depends on [`AHAFS`][], which must be enabled.
 
 If the underlying functionality is not available for some reason, then
 `fs.watch` will not be able to function. For example, watching files or
diff --git a/doc/api/globals.md b/doc/api/globals.md
index f3263c22e7..89592b98e1 100644
--- a/doc/api/globals.md
+++ b/doc/api/globals.md
@@ -30,11 +30,11 @@ Used to handle binary data. See the [buffer section][].
 
 ## \_\_dirname
 
-This variable may appear to be global but is not. See [`__dirname`].
+This variable may appear to be global but is not. See [`__dirname`][].
 
 ## \_\_filename
 
-This variable may appear to be global but is not. See [`__filename`].
+This variable may appear to be global but is not. See [`__filename`][].
 
 ## clearImmediate(immediateObject)
 <!-- YAML
@@ -43,7 +43,7 @@ added: v0.9.1
 
 <!--type=global-->
 
-[`clearImmediate`] is described in the [timers][] section.
+[`clearImmediate`][] is described in the [timers][] section.
 
 ## clearInterval(intervalObject)
 <!-- YAML
@@ -52,7 +52,7 @@ added: v0.0.1
 
 <!--type=global-->
 
-[`clearInterval`] is described in the [timers][] section.
+[`clearInterval`][] is described in the [timers][] section.
 
 ## clearTimeout(timeoutObject)
 <!-- YAML
@@ -61,7 +61,7 @@ added: v0.0.1
 
 <!--type=global-->
 
-[`clearTimeout`] is described in the [timers][] section.
+[`clearTimeout`][] is described in the [timers][] section.
 
 ## console
 <!-- YAML
@@ -76,7 +76,7 @@ Used to print to stdout and stderr. See the [`console`][] section.
 
 ## exports
 
-This variable may appear to be global but is not. See [`exports`].
+This variable may appear to be global but is not. See [`exports`][].
 
 ## global
 <!-- YAML
@@ -94,7 +94,7 @@ Node.js this is different. The top-level scope is not the global scope;
 
 ## module
 
-This variable may appear to be global but is not. See [`module`].
+This variable may appear to be global but is not. See [`module`][].
 
 ## process
 <!-- YAML
@@ -148,7 +148,7 @@ DataHandler.prototype.load = async function load(key) {
 
 ## require()
 
-This variable may appear to be global but is not. See [`require()`].
+This variable may appear to be global but is not. See [`require()`][].
 
 ## setImmediate(callback[, ...args])
 <!-- YAML
@@ -157,7 +157,7 @@ added: v0.9.1
 
 <!-- type=global -->
 
-[`setImmediate`] is described in the [timers][] section.
+[`setImmediate`][] is described in the [timers][] section.
 
 ## setInterval(callback, delay[, ...args])
 <!-- YAML
@@ -166,7 +166,7 @@ added: v0.0.1
 
 <!-- type=global -->
 
-[`setInterval`] is described in the [timers][] section.
+[`setInterval`][] is described in the [timers][] section.
 
 ## setTimeout(callback, delay[, ...args])
 <!-- YAML
@@ -175,7 +175,7 @@ added: v0.0.1
 
 <!-- type=global -->
 
-[`setTimeout`] is described in the [timers][] section.
+[`setTimeout`][] is described in the [timers][] section.
 
 ## TextDecoder
 <!-- YAML
diff --git a/doc/api/http.md b/doc/api/http.md
index f1d787adaa..73de8c36b2 100644
--- a/doc/api/http.md
+++ b/doc/api/http.md
@@ -71,7 +71,7 @@ the requests to that server, but each one will occur over a new connection.
 When a connection is closed by the client or the server, it is removed
 from the pool. Any unused sockets in the pool will be unrefed so as not
 to keep the Node.js process running when there are no outstanding requests.
-(see [`socket.unref()`]).
+(see [`socket.unref()`][]).
 
 It is good practice, to [`destroy()`][] an `Agent` instance when it is no
 longer in use, because unused sockets consume OS resources.
diff --git a/doc/api/http2.md b/doc/api/http2.md
index a204f53e3b..03d3ff21a8 100644
--- a/doc/api/http2.md
+++ b/doc/api/http2.md
@@ -500,7 +500,7 @@ added: v9.4.0
 -->
 
 Calls [`ref()`][`net.Socket.prototype.ref()`] on this `Http2Session`
-instance's underlying [`net.Socket`].
+instance's underlying [`net.Socket`][].
 
 #### http2session.remoteSettings
 <!-- YAML
@@ -613,7 +613,7 @@ added: v9.4.0
 -->
 
 Calls [`unref()`][`net.Socket.prototype.unref()`] on this `Http2Session`
-instance's underlying [`net.Socket`].
+instance's underlying [`net.Socket`][].
 
 ### Class: ServerHttp2Session
 <!-- YAML
@@ -1757,7 +1757,7 @@ added: v8.4.0
 
 Stops the server from establishing new sessions. This does not prevent new
 request streams from being created due to the persistent nature of HTTP/2
-sessions. To gracefully shut down the server, call [`http2session.close()`] on
+sessions. To gracefully shut down the server, call [`http2session.close()`][] on
 all active sessions.
 
 If `callback` is provided, it is not invoked until all active sessions have been
@@ -1907,7 +1907,7 @@ added: v8.4.0
 
 Stops the server from establishing new sessions. This does not prevent new
 request streams from being created due to the persistent nature of HTTP/2
-sessions. To gracefully shut down the server, call [`http2session.close()`] on
+sessions. To gracefully shut down the server, call [`http2session.close()`][] on
 all active sessions.
 
 If `callback` is provided, it is not invoked until all active sessions have been
@@ -3410,7 +3410,7 @@ added: v8.4.0
   * `stream` {ServerHttp2Stream} The newly-created `ServerHttp2Stream` object
 
 Call [`http2stream.pushStream()`][] with the given headers, and wrap the
-given [`Http2Stream`] on a newly created `Http2ServerResponse` as the callback
+given [`Http2Stream`][] on a newly created `Http2ServerResponse` as the callback
 parameter if successful. When `Http2ServerRequest` is closed, the callback is
 called with an error `ERR_HTTP2_INVALID_STREAM`.
 
diff --git a/doc/api/inspector.md b/doc/api/inspector.md
index 3d9a956f09..3205cce714 100644
--- a/doc/api/inspector.md
+++ b/doc/api/inspector.md
@@ -137,7 +137,7 @@ added: v8.0.0
 -->
 
 Immediately close the session. All pending message callbacks will be called
-with an error. [`session.connect()`] will need to be called to be able to send
+with an error. [`session.connect()`][] will need to be called to be able to send
 messages again. Reconnected session will lose all inspector state, such as
 enabled agents or configured breakpoints.
 
diff --git a/doc/api/process.md b/doc/api/process.md
index 2918c21bf7..0ea80c6e33 100644
--- a/doc/api/process.md
+++ b/doc/api/process.md
@@ -80,7 +80,7 @@ all `'exit'` listeners have finished running the Node.js process will terminate.
 
 The listener callback function is invoked with the exit code specified either
 by the [`process.exitCode`][] property, or the `exitCode` argument passed to the
-[`process.exit()`] method.
+[`process.exit()`][] method.
 
 ```js
 process.on('exit', (code) => {
@@ -570,8 +570,8 @@ added: v0.1.27
 
 The `process.argv` property returns an array containing the command line
 arguments passed when the Node.js process was launched. The first element will
-be [`process.execPath`]. See `process.argv0` if access to the original value of
-`argv[0]` is needed. The second element will be the path to the JavaScript
+be [`process.execPath`][]. See `process.argv0` if access to the original value
+of `argv[0]` is needed. The second element will be the path to the JavaScript
 file being executed. The remaining elements will be any additional command line
 arguments.
 
@@ -1122,7 +1122,7 @@ added: v0.1.13
 The `process.exit()` method instructs Node.js to terminate the process
 synchronously with an exit status of `code`. If `code` is omitted, exit uses
 either the 'success' code `0` or the value of `process.exitCode` if it has been
-set. Node.js will not terminate until all the [`'exit'`] event listeners are
+set. Node.js will not terminate until all the [`'exit'`][] event listeners are
 called.
 
 To exit with a 'failure' code:
@@ -1506,7 +1506,7 @@ changes:
 fully drained after the current operation on the JavaScript stack runs to
 completion and before the event loop is allowed to continue. It's possible to
 create an infinite loop if one were to recursively call `process.nextTick()`.
-See the [Event Loop] guide for more background.
+See the [Event Loop][] guide for more background.
 
 ```js
 console.log('start');
diff --git a/doc/api/readline.md b/doc/api/readline.md
index 898d7e005f..03fdc44172 100644
--- a/doc/api/readline.md
+++ b/doc/api/readline.md
@@ -5,7 +5,8 @@
 > Stability: 2 - Stable
 
 The `readline` module provides an interface for reading data from a [Readable][]
-stream (such as [`process.stdin`]) one line at a time. It can be accessed using:
+stream (such as [`process.stdin`][]) one line at a time. It can be accessed
+using:
 
 ```js
 const readline = require('readline');
diff --git a/doc/api/stream.md b/doc/api/stream.md
index 5fd73cb2fb..c6b0e3d551 100644
--- a/doc/api/stream.md
+++ b/doc/api/stream.md
@@ -89,7 +89,7 @@ total size of the internal write buffer is below the threshold set by
 the size of the internal buffer reaches or exceeds the `highWaterMark`, `false`
 will be returned.
 
-A key goal of the `stream` API, particularly the [`stream.pipe()`] method,
+A key goal of the `stream` API, particularly the [`stream.pipe()`][] method,
 is to limit the buffering of data to acceptable levels such that sources and
 destinations of differing speeds will not overwhelm the available memory.
 
@@ -686,7 +686,7 @@ from the stream.
 
 Adding a [`'readable'`][] event handler automatically make the stream to
 stop flowing, and the data to be consumed via
-[`readable.read()`][stream-read]. If the [`'readable'`] event handler is
+[`readable.read()`][stream-read]. If the [`'readable'`][] event handler is
 removed, then the stream will start flowing again if there is a
 [`'data'`][] event handler.
 
@@ -1657,10 +1657,10 @@ on the type of stream being created, as detailed in the chart below:
 
 | Use-case | Class | Method(s) to implement |
 | -------- | ----- | ---------------------- |
-| Reading only | [`Readable`] | <code>[_read()][stream-_read]</code> |
-| Writing only | [`Writable`] | <code>[_write()][stream-_write]</code>, <code>[_writev()][stream-_writev]</code>, <code>[_final()][stream-_final]</code> |
-| Reading and writing | [`Duplex`] | <code>[_read()][stream-_read]</code>, <code>[_write()][stream-_write]</code>, <code>[_writev()][stream-_writev]</code>, <code>[_final()][stream-_final]</code> |
-| Operate on written data, then read the result | [`Transform`] | <code>[_transform()][stream-_transform]</code>, <code>[_flush()][stream-_flush]</code>, <code>[_final()][stream-_final]</code> |
+| Reading only | [`Readable`][] | [`_read()`][stream-_read] |
+| Writing only | [`Writable`][] | [`_write()`][stream-_write], [`_writev()`][stream-_writev], [`_final()`][stream-_final] |
+| Reading and writing | [`Duplex`][] | [`_read()`][stream-_read], [`_write()`][stream-_write], [`_writev()`][stream-_writev], [`_final()`][stream-_final] |
+| Operate on written data, then read the result | [`Transform`][] | [`_transform()`][stream-_transform], [`_flush()`][stream-_flush], [`_final()`][stream-_final] |
 
 The implementation code for a stream should *never* call the "public" methods
 of a stream that are intended for use by consumers (as described in the
@@ -1885,7 +1885,7 @@ or write buffered data before a stream ends.
 #### Errors While Writing
 
 Errors occurring during the processing of the [`writable._write()`][],
-[`writable._writev()`][] and [`writable._final()`] methods must be propagated
+[`writable._writev()`][] and [`writable._final()`][] methods must be propagated
 by invoking the callback and passing the error as the first argument.
 Throwing an `Error` from within these methods or manually emitting an `'error'`
 event results in undefined behavior.
diff --git a/doc/api/timers.md b/doc/api/timers.md
index 66ee2ca97e..a99dd1c41e 100644
--- a/doc/api/timers.md
+++ b/doc/api/timers.md
@@ -136,7 +136,7 @@ added: v0.9.1
 -->
 
 * `callback` {Function} The function to call at the end of this turn of
-  [the Node.js Event Loop]
+  the Node.js [Event Loop][]
 * `...args` {any} Optional arguments to pass when the `callback` is called.
 * Returns: {Immediate} for use with [`clearImmediate()`][]
 
diff --git a/doc/api/tls.md b/doc/api/tls.md
index 297c1e7fd4..d90affa4c3 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -68,12 +68,12 @@ Where:
 
 <!-- type=misc -->
 
-The term "[Forward Secrecy]" or "Perfect Forward Secrecy" describes a feature of
-key-agreement (i.e., key-exchange) methods. That is, the server and client keys
-are used to negotiate new temporary keys that are used specifically and only for
-the current communication session. Practically, this means that even if the
-server's private key is compromised, communication can only be decrypted by
-eavesdroppers if the attacker manages to obtain the key-pair specifically
+The term "[Forward Secrecy][]" or "Perfect Forward Secrecy" describes a feature
+of key-agreement (i.e., key-exchange) methods. That is, the server and client
+keys are used to negotiate new temporary keys that are used specifically and
+only for the current communication session. Practically, this means that even
+if the server's private key is compromised, communication can only be decrypted
+by eavesdroppers if the attacker manages to obtain the key-pair specifically
 generated for the session.
 
 Perfect Forward Secrecy is achieved by randomly generating a key pair for
@@ -83,8 +83,8 @@ all sessions). Methods implementing this technique are called "ephemeral".
 Currently two methods are commonly used to achieve Perfect Forward Secrecy (note
 the character "E" appended to the traditional abbreviations):
 
-* [DHE] - An ephemeral version of the Diffie Hellman key-agreement protocol.
-* [ECDHE] - An ephemeral version of the Elliptic Curve Diffie Hellman
+* [DHE][] - An ephemeral version of the Diffie Hellman key-agreement protocol.
+* [ECDHE][] - An ephemeral version of the Elliptic Curve Diffie Hellman
   key-agreement protocol.
 
 Ephemeral methods may have some performance drawbacks, because key generation
@@ -102,7 +102,7 @@ openssl dhparam -outform PEM -out dhparam.pem 2048
 If using Perfect Forward Secrecy using `ECDHE`, Diffie-Hellman parameters are
 not required and a default ECDHE curve will be used. The `ecdhCurve` property
 can be used when creating a TLS Server to specify the list of names of supported
-curves to use, see [`tls.createServer()`] for more info.
+curves to use, see [`tls.createServer()`][] for more info.
 
 Perfect Forward Secrecy was optional up to TLSv1.2, but it is not optional for
 TLSv1.3, because all TLSv1.3 cipher suites use ECDHE.
@@ -279,8 +279,8 @@ node server.js
 
 The default can also be replaced on a per client or server basis using the
 `ciphers` option from [`tls.createSecureContext()`][], which is also available
-in [`tls.createServer()`], [`tls.connect()`], and when creating new
-[`tls.TLSSocket`]s.
+in [`tls.createServer()`][], [`tls.connect()`][], and when creating new
+[`tls.TLSSocket`][]s.
 
 The ciphers list can contain a mixture of TLSv1.3 cipher suite names, the ones
 that start with `'TLS_'`, and specifications for TLSv1.2 and below cipher
@@ -303,16 +303,16 @@ of an application. The `--tls-cipher-list` switch and `ciphers` option should by
 used only if absolutely necessary.
 
 The default cipher suite prefers GCM ciphers for [Chrome's 'modern
-cryptography' setting] and also prefers ECDHE and DHE ciphers for Perfect
+cryptography' setting][] and also prefers ECDHE and DHE ciphers for Perfect
 Forward Secrecy, while offering *some* backward compatibility.
 
 128 bit AES is preferred over 192 and 256 bit AES in light of [specific
-attacks affecting larger AES key sizes].
+attacks affecting larger AES key sizes][].
 
 Old clients that rely on insecure and deprecated RC4 or DES-based ciphers
 (like Internet Explorer 6) cannot complete the handshaking process with
 the default configuration. If these clients _must_ be supported, the
-[TLS recommendations] may offer a compatible cipher suite. For more details
+[TLS recommendations][] may offer a compatible cipher suite. For more details
 on the format, see the OpenSSL [cipher list format][] documentation.
 
 There are only 5 TLSv1.3 cipher suites:
@@ -415,7 +415,7 @@ The typical flow of an OCSP Request is as follows:
 2. Server receives the request and emits the `'OCSPRequest'` event, calling the
    listener if registered.
 3. Server extracts the OCSP URL from either the `certificate` or `issuer` and
-   performs an [OCSP request] to the CA.
+   performs an [OCSP request][] to the CA.
 4. Server receives `'OCSPResponse'` from the CA and sends it back to the client
    via the `callback` argument
 5. Client validates the response and either destroys the socket or performs a
@@ -428,7 +428,7 @@ via the `ca` option when establishing the TLS connection.)
 Listening for this event will have an effect only on connections established
 after the addition of the event listener.
 
-An npm module like [asn1.js] may be used to parse the certificates.
+An npm module like [asn1.js][] may be used to parse the certificates.
 
 ### Event: 'resumeSession'
 <!-- YAML
@@ -1416,7 +1416,7 @@ changes:
     provided.
     For PEM encoded certificates, supported types are "TRUSTED CERTIFICATE",
     "X509 CERTIFICATE", and "CERTIFICATE".
-    See also [`tls.rootCertificates`].
+    See also [`tls.rootCertificates`][].
   * `cert` {string|string[]|Buffer|Buffer[]} Cert chains in PEM format. One cert
     chain should be provided per private key. Each cert chain should consist of
     the PEM formatted certificate for a provided private `key`, followed by the
@@ -1452,7 +1452,7 @@ changes:
     curve automatically. Use [`crypto.getCurves()`][] to obtain a list of
     available curve names. On recent releases, `openssl ecparam -list_curves`
     will also display the name and description of each available elliptic curve.
-    **Default:** [`tls.DEFAULT_ECDH_CURVE`].
+    **Default:** [`tls.DEFAULT_ECDH_CURVE`][].
   * `honorCipherOrder` {boolean} Attempt to use the server's cipher suite
     preferences instead of the client's. When `true`, causes
     `SSL_OP_CIPHER_SERVER_PREFERENCE` to be set in `secureOptions`, see
@@ -1653,7 +1653,7 @@ added: v12.3.0
 
 An immutable array of strings representing the root certificates (in PEM format)
 used for verifying peer certificates. This is the default value of the `ca`
-option to [`tls.createSecureContext()`].
+option to [`tls.createSecureContext()`][].
 
 ## tls.DEFAULT_ECDH_CURVE
 <!-- YAML
@@ -1665,7 +1665,7 @@ changes:
 -->
 
 The default curve name to use for ECDH key agreement in a tls server. The
-default value is `'auto'`. See [`tls.createSecureContext()`] for further
+default value is `'auto'`. See [`tls.createSecureContext()`][] for further
 information.
 
 ## tls.DEFAULT_MAX_VERSION
diff --git a/doc/api/tracing.md b/doc/api/tracing.md
index 64622d6b50..999c7d7230 100644
--- a/doc/api/tracing.md
+++ b/doc/api/tracing.md
@@ -14,8 +14,8 @@ accepts a list of comma-separated category names.
 The available categories are:
 
 * `node` - An empty placeholder.
-* `node.async_hooks` - Enables capture of detailed [`async_hooks`] trace data.
-  The [`async_hooks`] events have a unique `asyncId` and a special `triggerId`
+* `node.async_hooks` - Enables capture of detailed [`async_hooks`][] trace data.
+  The [`async_hooks`][] events have a unique `asyncId` and a special `triggerId`
   `triggerAsyncId` property.
 * `node.bootstrap` - Enables capture of Node.js bootstrap milestones.
 * `node.console` - Enables capture of `console.time()` and `console.count()`
@@ -23,7 +23,7 @@ The available categories are:
 * `node.dns.native` - Enables capture of trace data for DNS queries.
 * `node.environment` - Enables capture of Node.js Environment milestones.
 * `node.fs.sync` - Enables capture of trace data for file system sync methods.
-* `node.perf` - Enables capture of [Performance API] measurements.
+* `node.perf` - Enables capture of [Performance API][] measurements.
   * `node.perf.usertiming` - Enables capture of only Performance API User Timing
     measures and marks.
   * `node.perf.timerify` - Enables capture of only Performance API timerify
@@ -32,7 +32,7 @@ The available categories are:
   of unhandled Promise rejections and handled-after-rejections.
 * `node.vm.script` - Enables capture of trace data for the `vm` module's
   `runInNewContext()`, `runInContext()`, and `runInThisContext()` methods.
-* `v8` - The [V8] events are GC, compiling, and execution related.
+* `v8` - The [V8][] events are GC, compiling, and execution related.
 
 By default the `node`, `node.async_hooks`, and `v8` categories are enabled.
 
diff --git a/doc/api/util.md b/doc/api/util.md
index 118c2a4d0d..ace167fb43 100644
--- a/doc/api/util.md
+++ b/doc/api/util.md
@@ -1776,7 +1776,7 @@ The `util._extend()` method was never intended to be used outside of internal
 Node.js modules. The community found and used it anyway.
 
 It is deprecated and should not be used in new code. JavaScript comes with very
-similar built-in functionality through [`Object.assign()`].
+similar built-in functionality through [`Object.assign()`][].
 
 ### util.isArray(object)
 <!-- YAML
diff --git a/doc/guides/maintaining-V8.md b/doc/guides/maintaining-V8.md
index 98b543ef2d..d33b745ac5 100644
--- a/doc/guides/maintaining-V8.md
+++ b/doc/guides/maintaining-V8.md
@@ -162,9 +162,9 @@ process.
 
 ### Unfixed Upstream Bugs
 
-If the bug can be reproduced on the [Node.js `canary` branch], Chromium canary,
-or V8 tip-of-tree, and the test case is valid, then the bug needs to be fixed
-upstream first.
+If the bug can be reproduced on the [Node.js `canary` branch][], Chromium
+canary, or V8 tip-of-tree, and the test case is valid, then the bug needs to be
+fixed upstream first.
 
 * Start by opening a bug upstream using [this template][V8TemplateUpstreamBug].
 * Make sure to include a link to the corresponding Node.js issue
@@ -226,12 +226,12 @@ to be cherry-picked in the Node.js repository and V8-CI must test the change.
     V8 team to get help with reimplementing the patch.
   * Open a cherry-pick PR on `nodejs/node` targeting the *vY.x-staging* branch
     and notify the `@nodejs/v8` team.
-  * Run the Node.js [V8 CI] in addition to the [Node.js CI].
+  * Run the Node.js [V8 CI][] in addition to the [Node.js CI][].
     The CI uses the `test-v8` target in the `Makefile`, which uses
     `tools/make-v8.sh` to reconstruct a git tree in the `deps/v8` directory to
     run V8 tests.
 
-The [`git-node`] tool can be used to simplify this task. Run
+The [`git-node`][] tool can be used to simplify this task. Run
 `git node v8 backport <sha>` to cherry-pick a commit.
 
 An example for workflow how to cherry-pick consider the bug
@@ -275,8 +275,8 @@ PR-URL: https://github.com/nodejs/node/pull/7833
 ```
 
 * Open a PR against the `v6.x-staging` branch in the Node.js repo. Launch the
-  normal and [V8 CI] using the Node.js CI system. We only needed to backport to
-  `v6.x` as the other LTS branches weren't affected by this bug.
+  normal and [V8 CI][] using the Node.js CI system. We only needed to backport
+  to `v6.x` as the other LTS branches weren't affected by this bug.
 
 ### Backports Identified by the V8 team
 
@@ -340,7 +340,7 @@ curl -L https://github.com/v8/v8/compare/${V8_OLD_VERSION}...${V8_NEW_VERSION}.p
 V8 also keeps tags of the form *5.4-lkgr* which point to the *Last Known Good
 Revision* from the 5.4 branch that can be useful in the update process above.
 
-The [`git-node`] tool can be used to simplify this task. Run `git node v8 minor`
+The [`git-node`][] tool can be used to simplify this task. Run `git node v8 minor`
 to apply a minor update.
 
 ### Major Updates
@@ -367,8 +367,8 @@ To audit for floating patches:
 git log --oneline deps/v8
 ```
 
-To replace the copy of V8 in Node.js, use the [`git-node`] tool. For example, if
-you want to replace the copy of V8 in Node.js with the branch-head for V8 5.1
+To replace the copy of V8 in Node.js, use the [`git-node`][] tool. For example,
+if you want to replace the copy of V8 in Node.js with the branch-head for V8 5.1
 branch:
 
 ```shell