@michaelnebel michaelnebel commented Oct 31, 2025

In this PR we

  • Update Microsoft.Build and Roslyn dependencies due to security advisories.
  • Update the Binlog dependency (pre-requisite for .NET 10 support).

According to DCA

  • There are no changes to performance.
  • There are some changes to alerts. However, it looks like there is a general reduction in the number of compilation errors and/or extractor errors due to the package updates. Furthermore, there are only alert changes in the projects where we also see changes in the number of compilation messages/errors.

@github-actions github-actions bot added the C# label Oct 31, 2025
@michaelnebel michaelnebel marked this pull request as ready for review November 3, 2025 11:54
@michaelnebel michaelnebel requested review from a team as code owners November 3, 2025 11:54
Copilot AI review requested due to automatic review settings November 3, 2025 11:55

Copilot AI left a comment

Pull Request Overview

This PR updates the C# extractor's roslyn and binlog dependencies to newer versions to improve database and analysis quality. Key changes include:

  • Updating Basic.CompilerLog.Util from 0.9.8 to 0.9.21
  • Updating Microsoft.CodeAnalysis from 4.12.0 to 4.14.0
  • Updating Microsoft.Build from 17.12.6 to 17.14.28
  • Adapting code to API change in binlog reader

Reviewed Changes

Copilot reviewed 4 out of 6 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| csharp/ql/lib/change-notes/2025-11-03-roslyn-and-binlog.md | Adds release note documenting the dependency updates |
| csharp/ql/integration-tests/posix/standalone_dependencies_executing_runtime/Assemblies.expected | Updates expected test output to include new dependencies (Microsoft.Bcl.Memory.dll, NaturalSort.Extension.dll) |
| csharp/paket.main.bzl | Updates package versions and dependencies in the build configuration |
| csharp/paket.lock | Updates locked dependency versions |
| csharp/paket.dependencies | Updates top-level dependency versions |
| csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs | Changes API call from compilerCall.GetArguments() to reader.ReadArguments(compilerCall) |


@hvitved hvitved left a comment

LGTM

@michaelnebel michaelnebel merged commit 5ec0494 into github:main Nov 5, 2025
30 of 31 checks passed
@michaelnebel michaelnebel deleted the csharp/updatedependencies branch November 5, 2025 10:58