feat(validators): add noqa suppression support to security and performance validators

- Add centralized _is_noqa_suppressed() to BaseValidator with normalization
  (accepts both SEC001 and SEC-001 formats for ruff compatibility)
- Wire noqa support into all 21 security and 18 performance check functions
- Add ruff external config for SEC/PERF/MOD/EXC codes in pyproject.toml
- Convert all 280 Python noqa comments to dashless format (ruff-compatible)
- Add site/ to IGNORE_PATTERNS (excludes mkdocs build output)
- Suppress 152 false positive findings (test passwords, seed data, validator
  self-references, Apple Wallet SHA1, etc.)
- Security: 79 errors → 0, 60 warnings → 0
- Performance: 80 warnings → 77 (3 test script suppressions)
- Add proposal doc with noqa inventory and remaining findings recommendations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

app/modules/customers/exceptions.py

@@ -53,7 +53,7 @@ class CustomerNotFoundException(ResourceNotFoundException):
         )
 
 
-class CustomerAlreadyExistsException(ConflictException):  # noqa: MOD-025
+class CustomerAlreadyExistsException(ConflictException):  # noqa: MOD025
     """Raised when trying to create a customer that already exists."""
 
     def __init__(self, email: str):
@@ -109,7 +109,7 @@ class CustomerValidationException(ValidationException):
         self.error_code = "CUSTOMER_VALIDATION_FAILED"
 
 
-class CustomerAuthorizationException(BusinessLogicException):  # noqa: MOD-025
+class CustomerAuthorizationException(BusinessLogicException):  # noqa: MOD025
     """Raised when customer is not authorized for operation."""
 
     def __init__(self, customer_email: str, operation: str):
@@ -170,7 +170,7 @@ class AddressLimitExceededException(BusinessLogicException):
         )
 
 
-class InvalidAddressTypeException(BusinessLogicException):  # noqa: MOD-025
+class InvalidAddressTypeException(BusinessLogicException):  # noqa: MOD025
     """Raised when an invalid address type is provided."""
 
     def __init__(self, address_type: str):