Right now in my Rules tab I have wget listed as "deny once" and as "allow once".
The fact that dead processes remain displayed can cause some confusion.
Is there a rationale in keeping them displayed like that?
Can we have a check if the process is still alive and if it has a "once" duration and is not alive, it can be removed.

I've also been wondering this myself for long time, because sometimes you end up with several temporal rules that you have to delete manually.
The easiest way would be to add a check to not save temporal rules, not only "once" rules, but also "30s", etc. Once you know how the rules work, you can decide if you want to keep them or not.

The fact that dead processes remain displayed can cause some confusion.

Well, the rules added are not processes that are still alive. The rules are for processes, regardless if they're running or not.

One partial solution would be to classify rules like this:

That way, if you have configured to not show pop-ups or if you have missed a connection pop-up to allow/deny a connection, you could go to the Temporary Rules and create a permanent one if you want.

We could also have a config option to not save temporary rules.