Upgrade OpenTelemetry packages to 1.15.X (PHNX-18055)#17

Merged: centeredgebot[bot] merged 2 commits into main from copilot/phnx-18030-upgrade-opentelemetry on May 1, 2026
Conversation


Copilot AI commented May 1, 2026

Upgrades all OpenTelemetry NuGet packages to remediate GHSA-q834-8qmm-v933, which covers 8 CVEs affecting versions 1.13.1–1.15.1.

Changes

  • src/Directory.Packages.props — bumped three centrally-managed package versions:

| Package | From | To |
| --- | --- | --- |
| OpenTelemetry.Exporter.OpenTelemetryProtocol | 1.14.0 | 1.15.3 |
| OpenTelemetry.Extensions.Hosting | 1.14.0 | 1.15.3 |
| OpenTelemetry.Instrumentation.AspNetCore | 1.14.0 | 1.15.2 |

OpenTelemetry.Instrumentation.AspNetCore 1.15.3 has not been published; 1.15.2 is the latest available 1.15.x for that package.

Related: https://centeredge.atlassian.net/browse/PHNX-18055

Original prompt

You have been assigned to a work item "Upgrade OpenTelemetry in Shawarma.AspNetCore". Analyze the details of the work item and get started.
Summary: Upgrade OpenTelemetry in Shawarma.AspNetCore
Description: Objective
Upgrade all OpenTelemetry NuGet packages in the CenterEdge/Shawarma.AspNetCore repository to version 1.15.3 (or the latest secure 1.15.x version available for each package).
Background

  • Security Advisory: GHSA-q834-8qmm-v933 — 8 CVEs affect OpenTelemetry versions 1.13.1 through 1.15.1.
  • Parent Issue: PHNX-18030
  • Related Issue: PHNX-18008 — Previous upgrade effort for other repos (all deployed). This repo was not included in that round but is now identified as affected.
Instructions
  1. Search the repository for all .csproj files referencing OpenTelemetry packages (e.g., OpenTelemetry, OpenTelemetry.Api, OpenTelemetry.Extensions.Hosting, OpenTelemetry.Exporter., OpenTelemetry.Instrumentation.*, etc.).
  2. For each OpenTelemetry package currently on version 1.13.x or above, upgrade to 1.15.3 if that version is available on NuGet. If 1.15.3 is not available for a specific package, upgrade to the latest available 1.15.x version.
  3. Important: Verify the current version of each individual OpenTelemetry package before upgrading — not all packages have version 1.15.3 available. Check NuGet for the latest secure version of each package independently.
  4. Do not downgrade any package that is already on 1.15.3 or higher.
  5. If there are breaking changes, address them in the same PR.
Acceptance Criteria
  • All OpenTelemetry packages in the repo are on version 1.15.3 (or the latest secure 1.15.x if 1.15.3 is unavailable for that package).
  • The solution builds successfully.
  • No OpenTelemetry packages remain on versions 1.13.x through 1.15.2.

Parent Issue: PHNX-18030 — Upgrade OpenTelemetry to address security vulnerabilities

The branch name and pull request title should include the identifier: PHNX-18055
Include a link to the original issue in the pull request description: https://centeredge.atlassian.net/browse/PHNX-18055

Agent-Logs-Url: https://github.com/CenterEdge/Shawarma.AspNetCore/sessions/c8ee260c-6bb1-42f5-ba2c-145bd6eb28fb

Co-authored-by: jmillercenteredge <215564235+jmillercenteredge@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Upgrade OpenTelemetry packages to version 1.15.3" to "Upgrade OpenTelemetry packages to address GHSA-q834-8qmm-v933 (PHNX-18055)" on May 1, 2026
centeredgebot Bot commented May 1, 2026

This pull request is invalid according to the following rules:

  • The title of this pull request cannot be empty, and must be fewer than 72 characters in length.

Copilot AI requested a review from jmillercenteredge May 1, 2026 19:37
jmillercenteredge changed the title from "Upgrade OpenTelemetry packages to address GHSA-q834-8qmm-v933 (PHNX-18055)" to "Upgrade OpenTelemetry packages to 1.15.X (PHNX-18055)" on May 1, 2026
jmillercenteredge marked this pull request as ready for review May 1, 2026 19:45
@jmillercenteredge

/merge

centeredgebot Bot merged commit 49fef43 into main May 1, 2026
6 checks passed
centeredgebot Bot deleted the copilot/phnx-18030-upgrade-opentelemetry branch May 1, 2026 20:36
jmillercenteredge removed the request for review from JonathanAtCenterEdge May 1, 2026 20:36
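
A check that could gate this kind of upgrade in CI, added here as an example (not code from this repository or PR): it reads a `Directory.Packages.props` document and flags OpenTelemetry entries inside the 1.13.1–1.15.1 range quoted in the PR description. The sample documents are constructed from the version table in that description, and the range is taken from the PR text rather than re-checked against the advisory.

```python
import re
import xml.etree.ElementTree as ET

# Affected range as quoted in the PR description (inclusive); not re-checked
# against the advisory itself.
AFFECTED_MIN, AFFECTED_MAX = (1, 13, 1), (1, 15, 1)

def parse_version(text):
    """Return (major, minor, patch) for 'X.Y.Z' (any -prerelease suffix ignored), else None."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:[-+].*)?", text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def audit_props(xml_text):
    """Map each OpenTelemetry PackageVersion entry to 'affected', 'ok' or 'unresolved'."""
    results = {}
    for el in ET.fromstring(xml_text).iter():
        tag = el.tag.rsplit("}", 1)[-1]  # tolerate an MSBuild xmlns on the root
        name = el.get("Include") or el.get("Update") or ""
        lowered = name.lower()  # NuGet package ids are case-insensitive
        if tag != "PackageVersion" or not (
            lowered == "opentelemetry" or lowered.startswith("opentelemetry.")
        ):
            continue
        version = parse_version(el.get("Version", ""))
        if version is None:
            # $(Property) references, ranges or floating versions need a manual
            # look; report them instead of letting them pass silently.
            results[name] = "unresolved"
        elif AFFECTED_MIN <= version <= AFFECTED_MAX:
            results[name] = "affected"
        else:
            results[name] = "ok"
    return results

def make_props(versions):
    """Build a minimal Directory.Packages.props document (constructed sample input)."""
    items = "".join(f'<PackageVersion Include="{n}" Version="{v}" />' for n, v in versions.items())
    return f"<Project><ItemGroup>{items}</ItemGroup></Project>"

# Constructed from the From/To columns of the PR's version table.
BEFORE = make_props({"OpenTelemetry.Exporter.OpenTelemetryProtocol": "1.14.0",
                     "OpenTelemetry.Extensions.Hosting": "1.14.0",
                     "OpenTelemetry.Instrumentation.AspNetCore": "1.14.0"})
AFTER = make_props({"OpenTelemetry.Exporter.OpenTelemetryProtocol": "1.15.3",
                    "OpenTelemetry.Extensions.Hosting": "1.15.3",
                    "OpenTelemetry.Instrumentation.AspNetCore": "1.15.2"})

if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_props(doc))
```

Entries reported as `unresolved` are versions the script cannot compare (MSBuild properties, ranges), so a CI job should fail on them as well as on `affected`.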
4 participants