fix: surface approval prompt in UI instead of getting stuck in Thinking (#187)

* fix: surface approval prompt in UI instead of getting stuck in Thinking

When a dangerous command was detected during streaming, the approval system
would call submit_pending() but no SSE 'approval' event would be emitted to
the frontend. The agent thread either blocked indefinitely (gateway path) or
returned an approval_required status the UI never saw (EXEC_ASK path). Either
way the chat UI stayed stuck in 'Thinking...' with no prompt shown.

Root cause: streaming.py used HERMES_EXEC_ASK=1 but never registered a
register_gateway_notify() callback. Without it, check_all_command_guards()
fell back to the legacy polling path (submit_pending only), which relies on
on_tool() polling -- but on_tool() fires *before* the tool runs, so by the
time the terminal tool detected the dangerous command and called submit_pending,
the approval event had already missed its window.

Fix (streaming.py):
- Register a gateway-style notify_cb via register_gateway_notify() before the
  agent runs. The callback calls put('approval', ...) to emit the SSE event
  the moment a dangerous command is detected, regardless of on_tool() timing.
- Unregister via unregister_gateway_notify() in the finally block to unblock
  any threads still waiting if the stream ends or is cancelled mid-approval.
- Keep the on_tool() fallback poll for older approval module versions.

Fix (routes.py):
- Import and call resolve_gateway_approval() in _handle_approval_respond().
  This unblocks the agent thread parked in entry.event.wait() when the user
  clicks Allow or Deny in the UI. Without this call the thread would block
  until the 5-minute gateway timeout.

Tests (tests/test_approval_unblock.py):
- 16 new tests covering: resolve_gateway_approval() event signalling, deny/
  session/once choices, resolve_all, notify_cb registration/firing/cleanup,
  unregister signals blocked entries, full end-to-end streaming simulation,
  module symbol exports, and HTTP endpoint regressions.

515 tests pass (499 existing + 16 new).

* feat: full approval UI — i18n buttons, keyboard shortcut, loading state, scoping fix

---------

Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>

api/routes.py

@@ -58,6 +58,7 @@ try:
         has_pending, pop_pending, submit_pending,
         approve_session, approve_permanent, save_permanent_allowlist,
         is_approved, _pending, _lock, _permanent_approved,
+        resolve_gateway_approval,
     )
 except ImportError:
     has_pending = lambda *a, **k: False
@@ -67,6 +68,7 @@ except ImportError:
     approve_permanent = lambda *a, **k: None
     save_permanent_allowlist = lambda *a, **k: None
     is_approved = lambda *a, **k: True
+    resolve_gateway_approval = lambda *a, **k: 0
     _pending = {}
     _lock = threading.Lock()
     _permanent_approved = set()
@@ -1353,6 +1355,7 @@ def _handle_approval_respond(handler, body):
     choice = body.get('choice', 'deny')
     if choice not in ('once', 'session', 'always', 'deny'):
         return bad(handler, f'Invalid choice: {choice}')
+    # Pop the legacy polling-mode pending entry (no-op when gateway path is active).
     with _lock:
         pending = _pending.pop(sid, None)
     if pending:
@@ -1363,6 +1366,10 @@ def _handle_approval_respond(handler, body):
             for k in keys:
                 approve_session(sid, k); approve_permanent(k)
             save_permanent_allowlist(_permanent_approved)
+    # Unblock the agent thread waiting in the gateway approval queue.
+    # This is the primary signal when streaming is active — the agent
+    # thread is parked in entry.event.wait() and needs to be woken up.
+    resolve_gateway_approval(sid, choice, resolve_all=False)
     return j(handler, {'ok': True, 'choice': choice})