fix(tui): keep denied approvals scoped to exact calls

[nightt5879]

Summary

Fixes #1617.

• Key approval denials by a canonical argument hash for file-write tools, shell/task-shell tools, and generic approval-gated tools, so a denial only suppresses exact retries instead of every future call of the same tool.
• Keep approve-for-session behavior tool-wide while making deny auto-cache match only the approval key.
• Omit trailing commas from the canonical argument serialization after review feedback, with a regression test for the exact serialized shape.
• Remove two Windows-only needless returns in ui.rs so the repository clippy command passes with warnings denied.

Root cause

PR #1388 stopped inserting tool_name into approval_session_denied, but most tools still built fallback approval keys as tool:<tool_name>. For tools like edit_file, write_file, and task_shell_start, denying one request therefore cached a key reused by later distinct requests. The UI path also still accepted legacy tool-name deny hits.

Testing

• cargo test --all-features
  • Ran after the latest commit on this Windows checkout; failed with 3052 passed, 5 failed, 3 ignored.
  • The failing tests are outside this approval-cache change:
    • session_manager::tests::latest_session_for_workspace_ignores_newer_other_directory and session_manager::tests::latest_session_for_workspace_ignores_invalid_parent_git_marker also fail individually here. This checkout has C:\.git\HEAD, so the temp workspaces are detected as sharing the same parent git root.
    • commands::change::tests::change_in_non_english_without_api_key_uses_explicit_fallback also fails individually in this environment.
    • tools::pandoc::tests::pandoc_convert_roundtrips_markdown_to_html_inline and tools::pandoc::tests::pandoc_convert_writes_output_path_and_reports_summary failed during the full run with pandoc: getXdgDirectory:sHGetFolderPath: illegal operation, but both passed when rerun individually.
• cargo fmt --all -- --check
• cargo clippy --workspace --all-targets --all-features -- -D warnings
• cargo build
• cargo test -p deepseek-tui approval_cache
• cargo test -p deepseek-tui session_denied_cache_matches_only_approval_key
• cargo test -p deepseek-tui session_approved_cache_keeps_tool_name_session_grants

Checklist

• Updated docs or comments as needed
• Added or updated tests where relevant
• Verified TUI behavior manually if UI changes
  • Covered by focused unit tests; no manual interactive TUI session was run.

[gemini-code-assist]

Code Review

This pull request enhances the tool approval system by transitioning from lossy command prefixes to SHA-256 hashes of the full tool arguments, ensuring more precise cache keys. It introduces a canonical JSON serialization mechanism to maintain stable hashes across different object key orderings. The TUI logic was also refactored to use helper functions for session approval checks. Feedback was provided to improve the canonical JSON serialization by removing trailing commas in arrays and objects for a more standard representation.

[Hmbown]

I’m leaving this open rather than closing it as a duplicate. Main already has the smaller #1623 approval fingerprint fix, but this PR appears to go further by hashing exact arguments for shell/file denials. That may be worth harvesting after a focused review/rebase, especially if we can keep it separated from unrelated terminal changes.

[nightt5879]

Rebased this branch onto the latest upstream/main; the PR is now mergeable again.

I also added 5651112 to keep the PR focused on approval denial scoping: it restores the unrelated Windows keyboard enhancement return; changes, so the remaining diff is limited to the approval cache keying/session denial behavior and its tests.

Validation run locally:

• cargo fmt --check
• cargo test -p deepseek-tui approval_cache
• cargo test -p deepseek-tui session_denied_cache_matches_only_approval_key
• cargo test -p deepseek-tui session_approved_cache_keeps_tool_name_session_grants

I also tried the broader cargo test -p deepseek-tui session_ filter. The two approval-session tests from this PR passed there too, but that broad filter also picked up two existing session_manager workspace-selection tests that fail locally on Windows (latest_session_for_workspace_ignores_invalid_parent_git_marker and latest_session_for_workspace_ignores_newer_other_directory).

[Hmbown]

Thanks for the exact-call approval-key work here. I harvested the narrow denial-cache fix into #1698 for v0.8.38, with changelog credit to Nightt / @nightt5879 and lalala / @lalala-233 for the #1617 report.

That landed as the scoped fix for #1617, so I am closing this broader PR as superseded rather than merging it as-is.

[nightt5879]

Thanks for the exact-call approval-key work here. I harvested the narrow denial-cache fix into #1698 for v0.8.38, with changelog credit to Nightt / @nightt5879 and lalala / @lalala-233 for the #1617 report.

That landed as the scoped fix for #1617, so I am closing this broader PR as superseded rather than merging it as-is.

Thanks, that makes sense.

Glad the scoped fix landed in #1698, and I appreciate the changelog credit. Closing this as superseded works for me.