Address review comments: fix file paths, grammar, and documentation

Co-authored-by: BreakableHoodie <169505867+BreakableHoodie@users.noreply.github.com>

Author: Copilot

README.md

@@ -17,6 +17,7 @@ Default files that appear in all CivicTechWR repositories (unless overridden):
 - **SECURITY.md** - Security policy and vulnerability reporting
 - **ISSUE_TEMPLATE/** - Issue templates for bugs, features, and questions
 - **PULL_REQUEST_TEMPLATE.md** - Pull request template
+- **CODEOWNERS** - Default repository ownership and review responsibilities
 
 ### Organization Profile
 

docs/gitleaks-response.md

@@ -25,11 +25,11 @@ This guide helps CivicTechWR maintainers triage, contain, and remediate potentia
 ## 5. Verify and Prevent Recurrence
 
 - Re-run the Gitleaks workflow (or trigger it manually) to confirm the repository is clean.
-- Add new patterns to the `gitleaks.toml` allowlist only after validating they are false positives.
+- Update the Gitleaks configuration in `.github/workflows/gitleaks.yml` to add new allowlist patterns, and only after validating they are false positives.
 
 ## Reference
 
-- Repository workflow: `.github/workflows/reusable-gitleaks.yml`
+- Repository workflow: `.github/workflows/gitleaks.yml`
 - Team contact: `civictechwr@gmail.com`
 
 Always assume a leaked credential is compromised until rotated and confirmed inactive.

docs/governance/codeowners-branch-protection.md

@@ -15,7 +15,7 @@ Apply these settings to the organization's default branch rule (settings > Code
 3. **Required reviewers:**
    - At least **1 approval**, prefer **2 approvals** for active codebases.
    - **Require review from Code Owners** (once the default CODEOWNERS file lands).
-4. **Status checks:** enable the projects primary CI build (e.g., `lint`, `test`, `deploy-preview`). Start with the checks that already exist; new projects should add them before their first release.
+4. **Status checks:** enable the project's primary CI build (e.g., `lint`, `test`, `deploy-preview`). Start with the checks that already exist; new projects should add them before their first release.
 5. **Additional safeguards:**
    - Require conversation resolution before merging.
    - Require linear history.
@@ -48,7 +48,7 @@ Projects stay under `@CivicTechWR/organizers` until their project team exists **
 
 ## Default CODEOWNERS Strategy
 
-Create `.github/CODEOWNERS` (this repository) so GitHub applies it to every CivicTechWR repo that does not define its own CODEOWNERS file.
+Create a repository-root `CODEOWNERS` file (this repository) so GitHub applies it to every CivicTechWR repo that does not define its own CODEOWNERS file.
 
 ```text
 # Default owners for every file in repos without project-specific CODEOWNERS
@@ -65,7 +65,7 @@ Create `.github/CODEOWNERS` (this repository) so GitHub applies it to every Civi
 Key considerations:
 
 - Patterns in this default file must be generic. Repo-specific overrides belong in that repo.
-- Github evaluates CODEOWNERS top to bottom; place broader matches last.
+- GitHub evaluates CODEOWNERS patterns from top to bottom and uses the last matching pattern. In the examples above, the broad `*` entry appears first so that later, more specific patterns can override it.
 - Encourage projects to commit their own CODEOWNERS file as soon as they have a stable team. Provide them with a template (see below) and remind them to keep `@CivicTechWR/organizers` as a secondary owner for continuity.
 
 ### Sample project CODEOWNERS template

profile/README.md

@@ -1,6 +1,6 @@
 # Welcome to CivicTech Waterloo Region
 
-Please standby—CTWR is coming back to life and taking over.
+Please stand by—CTWR is coming back to life and taking over.
 
 - Visit our website [CivicTechWR.org](https://civictechwr.org/)
 - Check out what projects are currently happening here: [CTWR Projects In Progress](https://github.com/orgs/CivicTechWR/projects/10/views/6?sliceBy%5Bvalue%5D=In+progress)