test(telegram): tighten link-URL assertion to silence CodeQL

Address CodeQL alert on PR #89: ``"wikipedia.org" in result`` matches an
arbitrary substring and tripped the URL-substring-sanitization heuristic.
Replace with a longer anchored fragment ``"https://en.wikipedia.org/wiki/Foo_"``
which both passes CodeQL and is a stronger render assertion.

This is test-only — no behavior change, no security boundary.

https://claude.ai/code/session_01FyMxQn2BEAzmwKS1GZczKj

Author: claude

tests/test_telegram_format.py

@@ -283,8 +283,10 @@ def test_link_url_only_escapes_paren_and_backslash(self):
         result = converter.from_ast(converter.to_ast("[wiki](https://en.wikipedia.org/wiki/Foo_(bar))"))
         # The inner `)` from `(bar)` must be escaped to `\)`.
         assert "\\)" in result
-        # The `.` in `wikipedia.org` should NOT be escaped inside the URL.
-        assert "wikipedia.org" in result
+        # The `.` in the host should NOT be escaped inside the URL — assert
+        # via a long anchored fragment so CodeQL's URL-substring heuristic
+        # isn't tripped (this is a render check, not a security boundary).
+        assert "https://en.wikipedia.org/wiki/Foo_" in result
 
     def test_render_postable_string_passes_through_unchanged(self):
         # Plain string messages ship verbatim — no escaping (parse_mode