@aitne-sh/aitne 0.1.7 → 0.1.9

package/scripts/commands/verify.mjs

@@ -0,0 +1,264 @@
+/**
+ * `aitne verify <target>` — post-launch verification for shipped design
+ * surfaces. Each target bundles a small set of pass/warn/fail checks an
+ * operator runs once after a rollout to confirm the change actually
+ * delivered what it promised.
+ *
+ * Targets:
+ *   - `evening-review-slimdown` — Phase 4 of
+ *     `docs/design/appendices/evening-review-slimdown.md`. Confirms the
+ *     four post-launch invariants the doc lists (cron audit freshness,
+ *     token-envelope drop, conditional notify load, 30-day notify
+ *     invocation sample).
+ *
+ * Verify is read-only and offline. No daemon HTTP call, no DB writes,
+ * no network. Safe to run while the daemon is up (the daemon enables
+ * WAL — concurrent readers are fine) or while it is stopped (we open
+ * the SQLite file in readonly mode).
+ *
+ * The check logic itself lives in
+ * `packages/daemon/src/core/evening-review-verify.ts` so the rulebook
+ * predicate is reused verbatim from the daemon (no drift risk) and the
+ * checks are unit-testable under the daemon's coverage gate. This file
+ * is a thin CLI wrapper: parse args → resolve contextDir → call the
+ * typed runner → render.
+ *
+ * Exit codes:
+ *   0   every check returned pass or warn
+ *   1   at least one check returned fail
+ *   2   argument error / unknown target
+ *   3   the SQLite file or daemon dist is missing
+ */
+import fs from "node:fs";
+import path from "node:path";
+import { fileURLToPath, pathToFileURL } from "node:url";
+
+const KNOWN_TARGETS = new Set(["evening-review-slimdown"]);
+
+export async function run(args, ctx) {
+  if (args.includes("--help") || args.includes("-h")) {
+    printHelp();
+    return;
+  }
+  const opts = parseArgs(args);
+
+  if (!KNOWN_TARGETS.has(opts.target)) {
+    process.stderr.write(`Unknown verify target: ${opts.target}\n`);
+    process.stderr.write(`Available targets: ${[...KNOWN_TARGETS].join(", ")}\n`);
+    process.exit(2);
+  }
+
+  const dbPath = path.join(ctx.DATA_DIR, "data", "personal_agent.db");
+  if (!fs.existsSync(dbPath)) {
+    process.stderr.write(
+      `SQLite file not found at ${dbPath}.\n` +
+        `Has the daemon been started? Run \`aitne start\` first.\n`,
+    );
+    process.exit(3);
+  }
+
+  const verifyMod = await loadVerifyModule(ctx.PROJECT_ROOT);
+  if (!verifyMod) {
+    process.stderr.write(
+      "Daemon dist is missing — `packages/daemon/dist/core/evening-review-verify.js` " +
+        "did not resolve.\nRun `aitne build` first (or `aitne start`, which builds " +
+        "if stale).\n",
+    );
+    process.exit(3);
+  }
+
+  const { loadBetterSqlite3 } = await import("../lib/sqlite-loader.mjs");
+  const Database = await loadBetterSqlite3(ctx.PROJECT_ROOT);
+  const db = new Database(dbPath, { readonly: true, fileMustExist: true });
+
+  let report;
+  try {
+    const contextDir = verifyMod.resolveContextDirFromDb(db, ctx.DATA_DIR);
+    report = verifyMod.runEveningReviewSlimdownChecks({
+      db,
+      contextDir,
+      windowDays: opts.days,
+    });
+  } finally {
+    db.close();
+  }
+
+  if (opts.json) {
+    process.stdout.write(JSON.stringify(report, null, 2) + "\n");
+    process.exit(report.summary.failed > 0 ? 1 : 0);
+  }
+
+  printReport(opts.target, report, ctx);
+  process.exit(report.summary.failed > 0 ? 1 : 0);
+}
+
+// ─────────────────────────────────────────────────────────────────────────
+// CLI parsing
+// ─────────────────────────────────────────────────────────────────────────
+
+function parseArgs(args) {
+  const opts = {
+    target: "evening-review-slimdown",
+    days: 7,
+    json: false,
+  };
+
+  let positional = null;
+  for (let i = 0; i < args.length; i++) {
+    const a = args[i];
+    if (a === "--json") {
+      opts.json = true;
+      continue;
+    }
+    if (a === "--days") {
+      if (i + 1 >= args.length) {
+        process.stderr.write("--days requires a value\n");
+        process.exit(2);
+      }
+      const raw = args[++i];
+      const n = parseInt(raw, 10);
+      if (!Number.isFinite(n) || n <= 0 || n > 365) {
+        process.stderr.write(`--days must be a positive integer ≤ 365 (got: ${raw})\n`);
+        process.exit(2);
+      }
+      opts.days = n;
+      continue;
+    }
+    if (a.startsWith("-")) {
+      process.stderr.write(`Unknown flag: ${a}\n`);
+      process.stderr.write("See `aitne verify --help`.\n");
+      process.exit(2);
+    }
+    if (positional !== null) {
+      process.stderr.write(`Unexpected positional argument: ${a}\n`);
+      process.exit(2);
+    }
+    positional = a;
+  }
+  if (positional !== null) opts.target = positional;
+  return opts;
+}
+
+// ─────────────────────────────────────────────────────────────────────────
+// Daemon module + contextDir resolution
+// ─────────────────────────────────────────────────────────────────────────
+
+/**
+ * Dynamically import the compiled `evening-review-verify` module from
+ * the daemon's dist directory. Returns null when the dist is missing so
+ * the caller can surface a clear "build first" hint instead of a stack
+ * trace.
+ *
+ * Three resolution paths cover every shipping shape:
+ *
+ *   1. Workspace dev — pnpm symlinks `node_modules/@aitne/daemon` →
+ *      `packages/daemon`, so the compiled module sits under the repo's
+ *      own `packages/daemon/dist/`. Direct filesystem path.
+ *   2. Published install — `npm i -g @aitne-sh/aitne` installs
+ *      `@aitne/daemon` as a sibling under `<install>/node_modules/`.
+ *      The daemon's `package.json` only exports `.` (its barrel
+ *      index), so `import("@aitne/daemon/core/...")` is blocked by
+ *      Node's exports-field gate. Resolve the barrel via
+ *      `import.meta.resolve("@aitne/daemon")` to get the daemon root,
+ *      then reach the sibling file directly.
+ *   3. Legacy flatten — historical install layout where `dist/` ended up
+ *      at the project root. Kept as a last-resort fallback so a future
+ *      build/publish change doesn't silently break this CLI.
+ *
+ * The barrel `index.ts` does NOT re-export this module by design —
+ * verify is operator-tooling, not a daemon API surface — so we always
+ * go through the filesystem path rather than `import("@aitne/daemon")`.
+ */
+async function loadVerifyModule(projectRoot) {
+  const candidates = [
+    // 1. Workspace dev (pnpm symlink).
+    path.join(projectRoot, "packages/daemon/dist/core/evening-review-verify.js"),
+  ];
+  // 2. Published install — resolve via the daemon's own package root.
+  try {
+    const daemonMainUrl = import.meta.resolve("@aitne/daemon");
+    const daemonMainPath = fileURLToPath(daemonMainUrl);
+    candidates.push(
+      path.join(path.dirname(daemonMainPath), "core/evening-review-verify.js"),
+    );
+  } catch {
+    // @aitne/daemon not resolvable from this context — fall through to
+    // the legacy candidate below.
+  }
+  // 3. Legacy flatten fallback (defensive).
+  candidates.push(path.join(projectRoot, "dist/core/evening-review-verify.js"));
+
+  for (const candidate of candidates) {
+    if (fs.existsSync(candidate)) {
+      return import(pathToFileURL(candidate).href);
+    }
+  }
+  return null;
+}
+
+// ContextDir resolution lives in the typed daemon module
+// (`resolveContextDirFromDb`) so the degraded-mode branch + tilde
+// expansion are unit-tested in lockstep with `getContextDir`.
+
+// ─────────────────────────────────────────────────────────────────────────
+// Output
+// ─────────────────────────────────────────────────────────────────────────
+
+function printReport(target, report, ctx) {
+  console.log(`${ctx.APP_NAME} verify ${target} — ${report.checks.length} check(s)`);
+  console.log("");
+  const labelWidth = Math.max(...report.checks.map((c) => c.label.length));
+  for (const c of report.checks) {
+    const mark = c.status === "pass" ? "ok " : c.status === "warn" ? "warn" : "FAIL";
+    const label = c.label.padEnd(labelWidth);
+    console.log(`  [${mark}]  ${label}  ${c.detail}`);
+    if (c.hint && c.status !== "pass") {
+      console.log(`           ${" ".repeat(labelWidth)}  hint: ${c.hint}`);
+    }
+  }
+  const { passed, warned, failed, windowDays, installAgeDays } = report.summary;
+  console.log("");
+  console.log(
+    `${passed} ok · ${warned} warn · ${failed} fail · window ${windowDays}d · install age ~${installAgeDays}d`,
+  );
+}
+
+// ─────────────────────────────────────────────────────────────────────────
+// Help
+// ─────────────────────────────────────────────────────────────────────────
+
+function printHelp() {
+  console.log(`Usage: aitne verify [target] [flags]
+
+Run post-launch verification for a shipped design surface. Read-only —
+no daemon HTTP call required, no DB writes, no network. Safe to invoke
+any time.
+
+Targets:
+  evening-review-slimdown    (default)
+        Phase 4 of docs/design/appendices/evening-review-slimdown.md.
+        Bundles four checks:
+          1. Daily 17:45 \`roadmap_mechanical_maintenance\` audit row.
+          2. evening_review session envelope (cost / turns / tokens).
+          3. Conditional notify load (resolveSkillManifest mirror).
+          4. 30-day notify invocations attributable to evening_review.
+
+Flags:
+  --days <N>     Window for time-bounded checks (default 7, max 365).
+                 Capped at install age automatically; the 30-day notify
+                 sample uses min(30, install age) regardless.
+  --json         Machine-readable output. Implies no terminal formatting.
+  -h, --help     Print this message.
+
+Exit codes:
+  0   every check returned pass or warn
+  1   at least one check returned fail
+  2   argument error / unknown target
+  3   SQLite file or daemon dist missing — run \`aitne start\` once first
+
+Examples:
+  aitne verify
+  aitne verify evening-review-slimdown --days 14
+  aitne verify --json | jq '.summary'
+  aitne verify --json | jq '.checks[] | select(.status != "pass")'`);
+}

package/scripts/lib/ports.d.mts

@@ -0,0 +1,27 @@
+/**
+ * Type declarations for the plain-ESM launcher mirror `ports.mjs`.
+ *
+ * `ports.mjs` is hand-written JavaScript (it must run before the TypeScript
+ * build), so it carries no inferred types. This sidecar lets TypeScript
+ * consumers — notably the `packages/shared/src/ports.test.ts` drift guard,
+ * which imports this module to assert it stays in lockstep with the TS
+ * source-of-truth `packages/shared/src/ports.ts` — typecheck the import under
+ * `strict`. Keep these signatures identical to `ports.ts`'s exports (minus
+ * `loopbackOrigins`, which is TS-only and not mirrored here).
+ */
+
+/** Daemon HTTP API port. Overridable via `PA_API_PORT`. */
+export const DEFAULT_API_PORT: number;
+
+/** Dashboard (Next.js) port. Overridable via `PA_DASHBOARD_PORT`. */
+export const DEFAULT_DASHBOARD_PORT: number;
+
+/** Resolve the daemon API port from env, falling back to DEFAULT_API_PORT. */
+export function resolveApiPort(
+  env?: Record<string, string | undefined>,
+): number;
+
+/** Resolve the dashboard port from env, falling back to DEFAULT_DASHBOARD_PORT. */
+export function resolveDashboardPort(
+  env?: Record<string, string | undefined>,
+): number;

package/scripts/lib/ports.mjs

@@ -0,0 +1,36 @@
+/**
+ * Default network ports for the Aitne daemon API and dashboard.
+ *
+ * SINGLE SOURCE OF TRUTH (launcher / plain-ESM side). `bin/aitne.mjs` and the
+ * `scripts/**` launchers cannot import `@aitne/shared`: they run *before* the
+ * TypeScript build that produces it (running `aitne start` is what triggers
+ * that build), and the published package ships only `bin` + `scripts/*.mjs` +
+ * `agent-assets`, never `packages/`. So the defaults are mirrored here in a
+ * build-independent module that lives under the published `scripts/lib/`.
+ *
+ * The TypeScript mirror lives in `packages/shared/src/ports.ts`. The two are
+ * pinned together by `packages/shared/src/ports.test.ts`, which fails CI if
+ * the values ever drift. Change a default in BOTH or the test goes red.
+ */
+
+/** Daemon HTTP API port. Overridable via `PA_API_PORT`. */
+export const DEFAULT_API_PORT = 8321;
+
+/** Dashboard (Next.js) port. Overridable via `PA_DASHBOARD_PORT`. Not 3000 — that collides with most dev servers. */
+export const DEFAULT_DASHBOARD_PORT = 8322;
+
+function parsePort(raw) {
+  if (raw == null || raw === "") return null;
+  const n = Number.parseInt(raw, 10);
+  return Number.isFinite(n) && n > 0 ? n : null;
+}
+
+/** Resolve the daemon API port from env, falling back to DEFAULT_API_PORT. */
+export function resolveApiPort(env = process.env) {
+  return parsePort(env.PA_API_PORT) ?? DEFAULT_API_PORT;
+}
+
+/** Resolve the dashboard port from env, falling back to DEFAULT_DASHBOARD_PORT. */
+export function resolveDashboardPort(env = process.env) {
+  return parsePort(env.PA_DASHBOARD_PORT) ?? DEFAULT_DASHBOARD_PORT;
+}

package/scripts/lib/read-api-token.mjs

@@ -0,0 +1,176 @@
+/**
+ * Cross-platform reader for the daemon's `apiToken` secret.
+ *
+ * CLI scripts (`run-now`, `remint-roadmap-ids`) need the daemon's apiToken to
+ * call Approve-tier `/api/...` routes, but they intentionally must run WITHOUT
+ * a successful `@aitne/shared` build (which only ships `./dist/*.js`). So this
+ * helper re-implements the per-OS read inline, mirroring the secret clients in
+ * `packages/shared/src/`:
+ *
+ *   - darwin → macOS Keychain via `security` (service com.personal-agent.secret.apiToken)
+ *   - win32  → DPAPI: decrypt ~/.personal-agent/secrets/apiToken.dpapi via PowerShell
+ *   - linux  → libsecret (`secret-tool lookup`), else the AES-256-GCM file store
+ *   - WSL / other → the AES-256-GCM file store
+ *
+ * The file-store format/params and the DPAPI script are copied verbatim from
+ * `secret-client-file.ts` / `secret-client-windows.ts` — keep them in sync if
+ * those change. The secret clients hardcode `~/.personal-agent/secrets` (they
+ * do NOT honor PA_DATA_DIR), so this helper uses the same homedir-relative
+ * location to find what the daemon actually wrote.
+ *
+ * Returns the token string, or null when it cannot be read; the caller decides
+ * how to message the failure. Best-effort: never throws (so a CLI never dies
+ * with a raw stack trace on a misconfigured secret store).
+ */
+import { execFileSync } from "node:child_process";
+import { existsSync, readFileSync, statSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { createDecipheriv, scryptSync } from "node:crypto";
+
+const SECRET_NAME = "apiToken";
+const KEYCHAIN_SERVICE = "com.personal-agent.secret.apiToken";
+
+function secretsDir() {
+  return join(homedir(), ".personal-agent", "secrets");
+}
+
+/** @returns {string | null} the daemon apiToken, or null if unreadable. */
+export function readApiToken() {
+  const platform = process.platform;
+  if (platform === "darwin") return readDarwin();
+  if (platform === "win32") return readWindows();
+  if (platform === "linux") {
+    if (!isWsl() && whichSync("secret-tool")) {
+      const fromKeyring = readSecretTool();
+      if (fromKeyring) return fromKeyring;
+    }
+    return readFileStore();
+  }
+  return readFileStore();
+}
+
+function readDarwin() {
+  // Byte-identical to the historical `security` read so macOS cannot regress.
+  try {
+    return execFileSync(
+      "security",
+      ["find-generic-password", "-s", KEYCHAIN_SERVICE, "-w"],
+      { encoding: "utf-8" },
+    ).trim();
+  } catch {
+    return null;
+  }
+}
+
+/** Cross-platform `which`, returning the resolved path or null. */
+function whichSync(cmd) {
+  const tool = process.platform === "win32" ? "where" : "which";
+  try {
+    const out = execFileSync(tool, [cmd], {
+      stdio: ["ignore", "pipe", "ignore"],
+      timeout: 2_000,
+    });
+    return out.toString().split(/\r?\n/)[0]?.trim() || null;
+  } catch {
+    return null;
+  }
+}
+
+function readWindows() {
+  const path = join(secretsDir(), `${SECRET_NAME}.dpapi`);
+  if (!existsSync(path)) return null;
+  const encrypted = readFileSync(path, "utf-8").trim();
+  // Prefer in-box Windows PowerShell 5.1, fall back to PowerShell 7+ (pwsh),
+  // matching the daemon's secret-client-factory resolution order.
+  const psBinary = whichSync("powershell.exe")
+    ? "powershell.exe"
+    : whichSync("pwsh.exe")
+      ? "pwsh.exe"
+      : "powershell.exe";
+  // Mirrors WindowsDpapiSecretClient.get(): DPAPI-decrypt via
+  // ConvertTo-SecureString and marshal back to plaintext. The ciphertext is
+  // passed via stdin, never interpolated into the script, to avoid injection.
+  const script = [
+    "$enc = [System.Console]::In.ReadToEnd().Trim()",
+    "$ss = ConvertTo-SecureString $enc",
+    "$bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($ss)",
+    "try { [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr) }",
+    "finally { [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }",
+  ].join("; ");
+  try {
+    const out = execFileSync(
+      psBinary,
+      ["-NoProfile", "-NonInteractive", "-Command", script],
+      { input: encrypted, encoding: "utf-8", timeout: 10_000 },
+    );
+    return out.trimEnd() || null;
+  } catch {
+    return null;
+  }
+}
+
+function readSecretTool() {
+  try {
+    const out = execFileSync(
+      "secret-tool",
+      ["lookup", "service", "personal-agent", "key", SECRET_NAME],
+      { encoding: "utf-8", timeout: 5_000 },
+    );
+    return out.replace(/\n$/, "") || null;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Detect WSL. WSL reports platform "linux" but cannot use `secret-tool`
+ * (D-Bus / GNOME Keyring typically unavailable), so it uses the file store.
+ */
+function isWsl() {
+  try {
+    return /microsoft|wsl/i.test(readFileSync("/proc/version", "utf-8"));
+  } catch {
+    return false;
+  }
+}
+
+// ── AES-256-GCM file store (mirrors secret-client-file.ts) ────────────────
+const FILE_ALGORITHM = "aes-256-gcm";
+const FILE_KEY_LENGTH = 32; // 256 bits
+const FILE_SCRYPT = { N: 16384, r: 8, p: 1 };
+
+/** Resolve the file-store master password (env, then key file); null if none. */
+function resolveMasterPassword() {
+  if (process.env.PA_MASTER_PASSWORD) return process.env.PA_MASTER_PASSWORD;
+  const keyFilePath = join(secretsDir(), ".master-key");
+  if (!existsSync(keyFilePath)) return null;
+  // Refuse to read a key file with insecure permissions (mirrors the daemon's
+  // 0600/0400 gate); degrade to null rather than risk exposing it.
+  const mode = statSync(keyFilePath).mode & 0o777;
+  if (mode !== 0o600 && mode !== 0o400) return null;
+  return readFileSync(keyFilePath, "utf-8").trim();
+}
+
+function readFileStore() {
+  const path = join(secretsDir(), `${SECRET_NAME}.enc`);
+  if (!existsSync(path)) return null;
+  try {
+    const password = resolveMasterPassword();
+    if (!password) return null;
+    const stored = JSON.parse(readFileSync(path, "utf-8"));
+    const salt = Buffer.from(stored.salt, "hex");
+    const iv = Buffer.from(stored.iv, "hex");
+    const authTag = Buffer.from(stored.authTag, "hex");
+    const ciphertext = Buffer.from(stored.ciphertext, "hex");
+    const key = scryptSync(password, salt, FILE_KEY_LENGTH, FILE_SCRYPT);
+    const decipher = createDecipheriv(FILE_ALGORITHM, key, iv);
+    decipher.setAuthTag(authTag);
+    return Buffer.concat([
+      decipher.update(ciphertext),
+      decipher.final(),
+    ]).toString("utf-8");
+  } catch {
+    return null;
+  }
+}

package/scripts/start.mjs

@@ -6,6 +6,7 @@ import path from "node:path";
 import process from "node:process";
 import { ensureBuild, log } from "./run-node.mjs";
 import { openBrowser, waitForHttpReady } from "./browser.mjs";
+import { resolveDashboardPort } from "./lib/ports.mjs";
 
 const IS_WINDOWS = process.platform === "win32";
 const requireFromScript = createRequire(import.meta.url);
@@ -57,7 +58,7 @@ function nextSpawnArgs(dashboardDir, nextBin, userArgs) {
  * 5. Ctrl+C stops both
  */
 
-const DASHBOARD_PORT = parseInt(process.env.PA_DASHBOARD_PORT || "3000", 10);
+const DASHBOARD_PORT = resolveDashboardPort();
 const noOpen = process.argv.slice(2).includes("--no-open");
 const children = [];
 let shuttingDown = false;

package/agent-assets/docs/features/lifestyle/travel-time.md

@@ -1,52 +0,0 @@
----
-schema_version: 1
-slug: features/lifestyle/travel-time
-title: Travel Time
-id: travel-time
-aliases:
-  - door to door
-  - eta
-category: features
-summary: |
-  A skill that estimates door-to-door travel time given an origin
-  and destination — used by schedule-approaching reminders for
-  events with location.
-section: lifestyle
-tags:
-  - lifestyle
-  - travel
-  - skill
-status: stable
-ask_examples:
-  - How long will it take me to get to the airport?
-  - Does the agent know about traffic?
-locale: en-US
-created: 2026-04-25
-updated: 2026-04-25
-related:
-  - features/lifestyle/travel-bookings
-  - features/operations/schedule-approaching
----
-
-# Travel Time
-
-## In One Sentence
-
-A skill the agent calls to estimate door-to-door travel time before
-a calendar event with a location.
-
-## What It Does
-
-- Reads origin (current location, configured home/work) and
-  destination (event location).
-- Returns a typical-time estimate with mode (drive, transit, walk).
-- Used by `schedule-approaching` reminders to lead-time the alert.
-
-## Where in the Dashboard
-
-There is no operator surface for the travel-time data itself; the
-estimates appear inline in event reminders and morning routines.
-
-## Related
-
-- [Schedule Approaching](../operations/schedule-approaching.md)

package/agent-assets/docs/features/routines/monthly-review.md

@@ -1,65 +0,0 @@
----
-schema_version: 1
-slug: features/routines/monthly-review
-title: Monthly Review
-id: monthly-review
-aliases:
-  - monthly retro
-category: features
-summary: |
-  Once a month, the agent rolls up the four weekly retros into a
-  single monthly synthesis under monthly/<YYYY-MM>.md.
-section: routines
-tags:
-  - routine
-  - autonomous
-  - light-tier
-status: stable
-ask_examples:
-  - When does the monthly review fire?
-  - Where do monthly retros live?
-locale: en-US
-created: 2026-04-25
-updated: 2026-04-25
-related:
-  - features/routines/weekly-review
-process_keys:
-  - routine.monthly_review
----
-
-# Monthly Review
-
-## In One Sentence
-
-Light-tier monthly retro that synthesizes the four weekly reviews into
-a single monthly file.
-
-## What It Does
-
-- Reads the past month of weekly retros.
-- Surfaces threads, recurring patterns, and unfinished pushes.
-- Writes the synthesis into `monthly/<YYYY-MM>.md`.
-
-## When It Runs / How It Is Triggered
-
-The **last day of the calendar month at 18:00 local time**. The schedule
-is fixed in `packages/daemon/src/core/scheduler.ts` and is not
-operator-configurable.
-
-## What It Outputs
-
-- A single `monthly/<YYYY-MM>.md` file.
-
-## Configuration
-
-This routine has no operator-tunable knobs. The fire time, day-of-month,
-and tier are fixed in code.
-
-## When Something Goes Wrong
-
-- A late-month install will skip the first month's retro because
-  there are not four weekly retros to synthesize yet.
-
-## Related
-
-- [Weekly Review](weekly-review.md)