Suppress spurious CodeQL warning related to DefaultAzureCredential (#3503)

* Task 37261: [S360] [SM05137] DefaultAzureCredential use in Production

- Suppressed use of DefaultAzureCredential.

* Task 37261: [S360] [SM05137] DefaultAzureCredential use in Production

- Suppressed use of DefaultAzureCredential.

src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs

@@ -582,6 +582,18 @@ namespace Microsoft.Data.SqlClient
                     defaultAzureCredentialOptions.WorkloadIdentityClientId = tokenCredentialKey._clientId;
                 }
 
+                // SqlClient is a library and provides support to acquire access
+                // token using 'DefaultAzureCredential' on user demand when they
+                // specify 'Authentication = Active Directory Default' in
+                // connection string.
+                //
+                // CodeQL Suppression - do not modify this comment:
+                //
+                // CodeQL [SM05137] Default Azure Credential is instantiated by
+                // the calling application when using "Active Directory Default"
+                // authentication code to connect to Azure SQL instance.
+                // SqlClient is a library, doesn't instantiate the credential
+                // without running application instructions.
                 return new TokenCredentialData(new DefaultAzureCredential(defaultAzureCredentialOptions), GetHash(secret));
             }