fix(cli): validate fps upper bound, prune stale sessions, add upload progress, retry desktop store read

[ManthanNimodiya]

Addresses 4 issues found in #1886:

• fps validation -> --fps 0 was already rejected but the documented 1-120 upper bound wasn't enforced; now rejects values > 120
• session pruning -> stopped/errored session files in ~/.cap/sessions were never cleaned up; now pruned after 7 days on next sessions_dir() call
• upload progress -> cap upload went silent during file transfer while cap export streams NDJSON progress; now emits {"type":"Uploading","bytes_sent":N,"total_bytes":N} every second in --json mode
• desktop store retry -> load_desktop_store() read the tauri-plugin-store file without retrying; a concurrent Desktop flush could produce truncated JSON; now retries up to 3 times with 50ms delay

Greptile Summary

This PR addresses four issues identified in the previous review: FPS upper-bound validation, stale session pruning, upload progress reporting, and retry logic for the Desktop credential store read.

• record.rs: --fps now rejects values outside 1–120 with a clear error message.
• session.rs: Stopped/Error sessions older than 7 days are pruned on the next sessions_dir() call; the previous infinite-recursion issue is resolved by building deletion paths directly from the known dir argument.
• upload.rs: A background task emits Uploading progress events every second; task.abort() is now correctly placed before send_result? so the task is torn down on both network errors and successful uploads before Uploaded is written.
• credentials.rs: Retries up to 3× for truncated JSON; returns early from the closure on a successful parse (whether or not auth is present), eliminating unnecessary 100 ms delays for logged-out users.

Confidence Score: 5/5

Safe to merge; the four targeted fixes are implemented correctly and the changes are narrowly scoped.

All four previously reported defects are correctly addressed. The remaining observations are efficiency and edge-case concerns (redundant prune scans per operation, immediate deletion of sessions whose started_at is absent) that don't affect normal operation.

apps/cli/src/session.rs — the prune-on-every-sessions_dir() design causes multiple redundant directory scans per write/cleanup operation, and sessions without a started_at timestamp are pruned immediately rather than conservatively retained.

Important Files Changed

Filename	Overview
apps/cli/src/record.rs	FPS upper-bound validation added correctly with is_some_and; error message updated to reflect the 1–120 range.
apps/cli/src/session.rs	Session pruning added; recursion from previous review is fixed by building paths directly from dir. However, sessions_dir() is called multiple times per high-level operation, triggering multiple redundant prune scans. Sessions missing started_at are treated as infinitely old and pruned immediately.
apps/cli/src/credentials.rs	Desktop store read now retries up to 3 times for truncated JSON; returns early on successful parse (valid JSON with or without auth) to avoid unnecessary retries for logged-out users.
apps/cli/src/upload.rs	Upload progress via AtomicU64 + background task; task is now aborted before checking send_result?, ensuring the progress task is torn down on both network errors and success paths before Uploaded is emitted.

_{Reviews (4): Last reviewed commit: "fix(cli): abort upload progress task on ..." | Re-trigger Greptile}

[ManthanNimodiya]

@greptileai please re-review

[ManthanNimodiya]

@greptileai please re-review

[ManthanNimodiya]

@richiemcilroy, addressed all the comments of greptile, lmk for any changes

[richiemcilroy]

@greptileai please re-review