Add global.json to pin .NET SDK version for InferencePipeline (.NET 9.0)

[WilliamBerryiii]

Summary

Add a global.json file to the .NET project under src/500-application/500-basic-inference/services/pipeline/ (and any other .NET projects in this repo that lack one) to pin a minimum .NET SDK version. The repo currently has no global.json but contains .NET 9.0 projects:

• src/500-application/500-basic-inference/services/pipeline/src/InferencePipeline/InferencePipeline.csproj
• src/500-application/500-basic-inference/services/pipeline/src/InferencePipeline.Tests/InferencePipeline.Tests.csproj

Why

• Security: Pin to a minimum .NET SDK version that includes fixes for high/critical security advisories. Older SDKs are exposed to known CVEs (RCE, EoP, DoS). See the .NET 9.0 CVE list for details.
• Version consistency: All developers and build systems use the same SDK version, eliminating "works on my machine" issues.
• Build reproducibility: Guarantees consistent builds regardless of environment.
• Explicit dependencies: Makes SDK requirements visible and aids maintenance planning.
• Controlled upgrades: Enables intentional SDK upgrades when the team is ready, rather than implicit upgrades based on whatever is installed.

Proposed change

Add a global.json at an appropriate scope (project root or repo root) selecting a current, supported .NET 9.0 SDK with security fixes, e.g.:

{
  "sdk": {
    "version": "9.0.×××",
    "rollForward": "latestFeature"
  }
}

The exact version should be the latest patched 9.0.x SDK at implementation time.

Acceptance criteria

• global.json added covering all .NET projects in the repo
• Selected SDK version includes current security advisory fixes
• Local dotnet build succeeds with the pinned SDK
• Azure Pipelines build still passes (add UseDotNet@2 with useGlobalJson: true if required)

Pipeline note

If a build fails due to the SDK version requirement, install the required SDK in Azure Pipelines:

- task: UseDotNet@2
  inputs:
    useGlobalJson: true