fix: clean error messages for expected API and OAuth failures

[jdwit]

Closes #38

Problem

Expected, user-facing failures dumped a full Rich traceback: any non-403 HttpError (e.g. a 400 from analytics query with an unaligned date range) and OAuth denial during ytstudio login.

Fix

• handle_api_error keeps re-raising unknown errors so command-specific handlers (comments, livestreams) can still add context.
• New CLI error boundary main.cli (now the ytstudio/yts entry point) turns any HttpError/OAuth2Error that reaches the top into a single clean line + exit 1. Unexpected exceptions keep their traceback.
• _authenticate_local_server catches AccessDeniedError/OAuth2Error during login with a friendly hint.

Tests

Added coverage for the boundary (clean message, no traceback) and OAuth denial. Full suite: 287 passed, ruff clean.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.81%. Comparing base (64090a0) to head (2ff235a).

Additional details and impacted files

@@            Coverage Diff             @@
##             main      #41      +/-   ##
==========================================
+ Coverage   83.60%   83.81%   +0.21%     
==========================================
  Files          15       15              
  Lines        2427     2447      +20     
  Branches      356      354       -2     
==========================================
+ Hits         2029     2051      +22     
+ Misses        265      264       -1     
+ Partials      133      132       -1     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.