feat(core): plumb distinct approval ids for command approvals (#12051)

zsh fork PR stack:
- https://github.com/openai/codex/pull/12051 👈 
- https://github.com/openai/codex/pull/12052

With upcoming support for a fork of zsh that allows us to intercept
`execve` and run execpolicy checks for each subcommand as part of a
`CommandExecution`, it will be possible for there to be multiple
approval requests for a shell command like `/path/to/zsh -lc 'git status
&& rg \"TODO\" src && make test'`.

To support that, this PR introduces a new `approval_id` field across
core, protocol, and app-server so that we can associate approvals
properly for subcommands.

codex-rs/core/src/codex_delegate.rs

@@ -311,8 +311,10 @@ async fn handle_exec_approval(
     event: ExecApprovalRequestEvent,
     cancel_token: &CancellationToken,
 ) {
+    let approval_id_for_op = event.effective_approval_id();
     let ExecApprovalRequestEvent {
         call_id,
+        approval_id,
         command,
         cwd,
         reason,
@@ -320,23 +322,28 @@ async fn handle_exec_approval(
         proposed_execpolicy_amendment,
         ..
     } = event;
-    let approval_id = call_id.clone();
     // Race approval with cancellation and timeout to avoid hangs.
     let approval_fut = parent_session.request_command_approval(
         parent_ctx,
         call_id,
+        approval_id,
         command,
         cwd,
         reason,
         network_approval_context,
         proposed_execpolicy_amendment,
     );
-    let decision =
-        await_approval_with_cancel(approval_fut, parent_session, &approval_id, cancel_token).await;
+    let decision = await_approval_with_cancel(
+        approval_fut,
+        parent_session,
+        &approval_id_for_op,
+        cancel_token,
+    )
+    .await;
 
     let _ = codex
         .submit(Op::ExecApproval {
-            id: approval_id,
+            id: approval_id_for_op,
             turn_id: Some(turn_id),
             decision,
         })