Following review feedback, widen the Windows branch to [A-Za-z] so
lowercase paths (c:\Users\...) are caught too. Kept a \b anchor so URL
schemes like https:// (which also contain "<letter>:/") aren't flagged —
a plain [A-Za-z] would have matched every URL in the docs.
Added lowercase and URL-not-flagged cases to the test (now 8/8).
The absolute-path-leak check used `[A-Z]:\\\\`, which in a regex literal
needs two backslashes — so a normal Windows path like C:\Users\... slipped
straight through. Widened it to match either separator (C:\ or C:/).
While here, exported checkAbsolutePathLeaks and added a small test
(test/test-abs-path-leak.js, wired into npm test) covering the
single-backslash case plus the existing Unix and code-block behaviour.
Zied Jlassi