adding changes

[Jobin0407]

No description provided.

[Jobin0407]

feat(chatbot): add WhatsApp chatbot core with stage-driven conversation flow

Summary
Adds a WhatsApp chatbot backend that handles staged conversations, session storage, and message routing.

What changed

Adds core server and routing: server.js
Implements conversation stages: stages/ (0..5, 99, neighborhoods)
Session and persistence: storage.js, db.js, tokens/
Menu and flow control: menu.js, stages/index.js
Cron jobs entry: cron_jobs.js
Why
Provides a modular, stage-based chatbot engine to support guided conversations over WhatsApp and persist session state.

How to test

Start the server: run the app as per README (or node server.js).
Send test messages via the configured WhatsApp session.
Verify stage transitions, session persistence, and menu behavior.
Notes

See README.md and QUICK_REFERENCE.md for setup and token configuration.
No breaking changes to external APIs.

[bibinprathap]

Formal Adjudication and Request for Revisions on PR #6
To: @Jobin0407 From: @bibinprathap

Thank you for this significant contribution. This pull request (PR) proposes a major architectural addition: a new WhatsApp chatbot core implementing a stage-driven conversation flow, session persistence, and database routing.

After a thorough assessment of the proposal, I am Requesting Changes. This PR introduces a commendable amount of new functionality; however, it cannot be merged in its current form.

My adjudication is based on the following critical issues regarding process, architecture, and risk.

1. Foundational Issue: Reviewability and Scope

This PR, with +4,026 and -1,694 lines changed across 36 files, is fundamentally unreviewable. It combines multiple, distinct, and high-impact features into a single monolithic submission. This includes:

Core server logic (server.js)

New database models and persistence logic (db.js)

Session state management (storage.js)

Multiple new conversation stages (stages/)

Menu and flow control (menu.js)

Cron job initial-entry (cron_jobs.js)

It is impossible for me, or any maintainer, to perform the required, high-level of scrutiny for security, performance, and long-term architectural health on a PR of this magnitude. Merging this change as-is would bypass the critical judging and quality control function that this project relies on.  

2. Architectural Concern: Separation of Concerns

By bundling the core server, database logic, and session persistence into one submission, this PR tightly couples unrelated components. This makes it impossible to assess the impact of each component individually. This introduces significant risk of creating a "big ball of mud" architecture that will be difficult to debug, test, and scale.

3. Unassessed Risk: Security and Performance

A change of this type, which adds new database models (db.js) and state management (storage.js), introduces a significant new attack surface. Due to the PR's size (Point 1), it is not possible to properly vet these new components for:

Security: Critical vulnerabilities such as data sanitization failures, injection risks, or insecure session handling.

Performance: Potential bottlenecks, inefficient database queries (e.g., N+1 problems), or memory leaks in session storage.

As the maintainer, I cannot approve a contribution that contains such a large and unassessed risk profile.

Mandatory Path Forward
To proceed, this PR must be Closed.

It must be resubmitted as a stack of smaller, logically distinct, and independently deployable pull requests. Each PR should be small enough to be reviewed meticulously (ideally <300 lines).

I suggest the following plan:

PR 1: Database and Persistence. A PR introducing only the db.js and storage.js logic, along with its unit tests.

PR 2: Core Server. A PR introducing the server.js framework, after PR 1 is merged.

PR 3: Flow Control. A PR for the menu.js and core stage index.

PR 4...N: Individual Stages. Each conversation stage (stages/0, stages/1, etc.) should be submitted as its own separate pull request, allowing for isolated review of its logic.

This approach is non-negotiable. It will allow for a proper, methodical review of each component, ensuring the long-term stability, security, and maintainability of the main branch.

This adjudication stands: the work is promising, but it must be refactored as specified before it can be considered for merging.

[bibinprathap]

My adjudication is based on the following critical issues regarding process, architecture, and risk.

Foundational Issue: Reviewability and Scope
This PR, with +4,026 and -1,694 lines changed across 36 files, is fundamentally unreviewable. It combines multiple, distinct, and high-impact features into a single monolithic submission. This includes:

Core server logic (server.js)

New database models and persistence logic (db.js)

Session state management (storage.js)

Multiple new conversation stages (stages/)

Menu and flow control (menu.js)

Cron job initial-entry (cron_jobs.js)

It is impossible for me, or any maintainer, to perform the required, high-level of scrutiny for security, performance, and long-term architectural health on a PR of this magnitude. Merging this change as-is would bypass the critical judging and quality control function that this project relies on.

Architectural Concern: Separation of Concerns
By bundling the core server, database logic, and session persistence into one submission, this PR tightly couples unrelated components. This makes it impossible to assess the impact of each component individually. This introduces significant risk of creating a "big ball of mud" architecture that will be difficult to debug, test, and scale.

Unassessed Risk: Security and Performance
A change of this type, which adds new database models (db.js) and state management (storage.js), introduces a significant new attack surface. Due to the PR's size (Point 1), it is not possible to properly vet these new components for:

Security: Critical vulnerabilities such as data sanitization failures, injection risks, or insecure session handling.

Performance: Potential bottlenecks, inefficient database queries (e.g., N+1 problems), or memory leaks in session storage.

As the maintainer, I cannot approve a contribution that contains such a large and unassessed risk profile.

Mandatory Path Forward
To proceed, this PR must be Closed.

It must be resubmitted as a stack of smaller, logically distinct, and independently deployable pull requests. Each PR should be small enough to be reviewed meticulously (ideally <300 lines).

I suggest the following plan:

PR 1: Database and Persistence. A PR introducing only the db.js and storage.js logic, along with its unit tests.

PR 2: Core Server. A PR introducing the server.js framework, after PR 1 is merged.

PR 3: Flow Control. A PR for the menu.js and core stage index.

PR 4...N: Individual Stages. Each conversation stage (stages/0, stages/1, etc.) should be submitted as its own separate pull request, allowing for isolated review of its logic.

This approach is non-negotiable. It will allow for a proper, methodical review of each component, ensuring the long-term stability, security, and maintainability of the main branch.

This adjudication stands: the work is promising, but it must be refactored as specified before it can be considered for merging.