
Commit 0c8e43c

FIX: S360 CodeQL finding in PR validation to resolve stale snapshot issue (#407)
- Disable CodeQL auto-injection globally in PR validation pipeline
- Add one-time 'pytestonwindows' job to update the old stale CodeQL snapshot
- This fixes the S360 CodeQL finding SM02986 that was stuck on outdated code
- After the old snapshot is cleared, the pytestonwindows job should be removed

Resolves: User Story 39809 [S360] [CodeQL.SM02986]

### Work Item / Issue Reference

> [AB#41680](https://sqlclientdrivers.visualstudio.com/c6d89619-62de-46a0-8b46-70b92a84d85e/_workitems/edit/41680)

> GitHub Issue: #<ISSUE_NUMBER>

-------------------------------------------------------------------

### Summary

This pull request updates the PR validation pipeline configuration to address CodeQL analysis and snapshot management. The main changes are disabling automatic CodeQL analysis to prevent duplicate findings, and introducing a one-time job to update a legacy CodeQL snapshot for the `pytestonwindows` build. These adjustments ensure that CodeQL runs only where needed and help resolve an old issue with snapshot duplication.

**CodeQL Analysis Configuration:**

* Disabled global CodeQL auto-injection in all jobs by setting the `Codeql.Enabled` variable to `false`, ensuring CodeQL analysis is not performed in this pipeline except where explicitly enabled.

**One-time Snapshot Update Job:**

* Added a dedicated job named `pytestonwindows` to update the old CodeQL snapshot. This job is configured to run on `windows-latest` and temporarily enables CodeQL analysis for this specific purpose. The job is intended for one-time use and should be removed after the snapshot issue is resolved.

**Build and Dependency Changes (Windows Compatibility):**

* Updated build and dependency installation steps in the new job to use Windows-specific commands (`call build.bat x64` and `cd mssql_python\pybind`) and install additional dependencies required for building the C++ extension. [[1]](diffhunk://#diff-296c8f902bbd70f34ee1c8c32383c8c99165fe4c8e5b0f234f8f22246e56a621L39-R59) [[2]](diffhunk://#diff-296c8f902bbd70f34ee1c8c32383c8c99165fe4c8e5b0f234f8f22246e56a621R9-R49)
1 parent 119ca4a commit 0c8e43c

1 file changed

Lines changed: 17 additions & 2 deletions


eng/pipelines/pr-validation-pipeline.yml

@@ -11,7 +11,7 @@ jobs:
1111
displayName: 'CodeQL Security Analysis'
1212
pool:
1313
vmImage: 'ubuntu-latest'
14-
14+
1515
steps:
1616
- script: |
1717
sudo apt-get update
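Review bot: the only visible change in this hunk is line 14 of the 'CodeQL Security Analysis' job being removed and re-added with no content, i.e. a whitespace-only edit; the commit message says global CodeQL auto-injection was disabled by setting `Codeql.Enabled` to `false`, but no such variable appears in any hunk of this diff (17 additions, 2 deletions), so either that setting landed in an earlier commit or the message overstates this change. Suggest dropping the whitespace churn and confirming where `Codeql.Enabled: false` is actually set, since the PR's security intent depends on it.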
@@ -45,10 +45,14 @@ jobs:
4545
condition: always()
4646
displayName: 'Finalize CodeQL'
4747

48-
- job: PytestOnWindows
48+
- job: pytestonwindows
4949
displayName: 'Windows x64'
5050
pool:
5151
vmImage: 'windows-latest'
52+
variables:
53+
# Enable CodeQL for this job to update the old stale snapshot (build_jobname=pytestonwindows)
54+
# This can be removed once the old CodeQL issue SM02986 is cleared
55+
Codeql.Enabled: true
5256

5357
strategy:
5458
matrix:
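Review bot: renaming the job from `PytestOnWindows` to `pytestonwindows` changes the job identifier, which the inline comment ties to the stale snapshot's `build_jobname=pytestonwindows`; any `dependsOn` or stage reference elsewhere in the pipeline that still uses the old casing would break, so please check the rest of the file. The comment block should also name the follow-up work item that tracks removing `Codeql.Enabled: true` once SM02986 is cleared, because the commit message says this job is one-time only and a bare "can be removed" comment is easy to forget.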
@@ -225,11 +229,22 @@ jobs:
225229
env:
226230
DB_PASSWORD: $(DB_PASSWORD)
227231
232+
# ============== CodeQL Init (temporary - remove after SM02986 is cleared) ==============
233+
- task: CodeQL3000Init@0
234+
inputs:
235+
Enabled: true
236+
displayName: 'Initialize CodeQL (temporary)'
237+
228238
- script: |
229239
cd mssql_python\pybind
230240
build.bat x64
231241
displayName: 'Build .pyd file'
232242
243+
# ============== CodeQL Finalize (temporary - remove after SM02986 is cleared) ==============
244+
- task: CodeQL3000Finalize@0
245+
condition: always()
246+
displayName: 'Finalize CodeQL (temporary)'
247+
233248
# Run tests for LocalDB
234249
- script: |
235250
python -m pytest -v --junitxml=test-results-localdb.xml --cov=. --cov-report=xml:coverage-localdb.xml --capture=tee-sys --cache-clear
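Review bot: `CodeQL3000Init@0` passes `Enabled: true` as a task input while the same job already sets `Codeql.Enabled: true` in its variables, so one of the two switches is redundant; keep the temporary enablement in a single place so that cleanup after SM02986 is a one-line removal. The Init/Finalize pair brackets only the 'Build .pyd file' step, so the pytest step that follows 'Finalize CodeQL (temporary)' runs outside the traced build; that is fine for refreshing the snapshot but worth stating in the comment so nobody expects test-time coverage. `condition: always()` on Finalize is correct, as it closes the CodeQL session even when the build step fails.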
