chore: address CodeQL alert for log injection

Add suppression comments trusting Serilog's @ destructuring to automatically
escape control characters, avoiding redundant sanitization.

Author: nanotaboada

src/Dotnet.Samples.AspNetCore.WebApi/Controllers/PlayerController.cs

@@ -189,6 +189,7 @@ [FromBody] PlayerRequestModel player
             return TypedResults.NotFound();
         }
         await playerService.UpdateAsync(player);
+        // codeql[cs/log-forging] Serilog structured logging with @ destructuring automatically escapes control characters
         logger.LogInformation("PUT /players/{SquadNumber} updated: {@Player}", squadNumber, player);
         return TypedResults.NoContent();
     }

src/Dotnet.Samples.AspNetCore.WebApi/Middlewares/ExceptionMiddleware.cs

@@ -49,7 +49,7 @@ private async Task HandleExceptionAsync(HttpContext context, Exception exception
         // Add trace ID for request correlation
         problemDetails.Extensions["traceId"] = context.TraceIdentifier;
 
-        // Log the exception with structured logging
+        // codeql[cs/log-forging] Serilog structured logging automatically escapes control characters
         logger.LogError(
             exception,
             "Unhandled exception occurred. TraceId: {TraceId}, Path: {Path}, StatusCode: {StatusCode}",