Plan migration of AI assistant GitHub bot from BLT to Toasty (with open PR and roadmap comparison references)

[DonnieBLT]

Migration Plan: AI Assistant GitHub Bot from OWASP-BLT/BLT to Toasty

Overview

This issue outlines a step-by-step plan for migrating the AI assistant GitHub bot functionality from the OWASP-BLT/BLT repository into the OWASP-BLT/Toasty repository. The plan references all currently pending PRs in BLT that may affect or be affected by the migration. It will also evaluate the feature that compares PRs to the roadmap.

1. Audit Pending Pull Requests in BLT

These open PRs may impact the migration scope or require additional porting or reimplementation:

2. Inventory AI Assistant Bot Components

• Identify all files, modules, dependencies, app registrations, and configuration in BLT that implement the GitHub AI assistant bot.
• List integration points with BLT services (models, signals, celery jobs, GitHub hooks).

3. Establish Migration Requirements

• Determine minimum required features for Toasty integration.
• Ensure compatibility of dependencies and environment with Toasty (Python, Docker, CI, authentication)
• Ensure Toasty has access to necessary GitHub tokens/secrets.

4. Plan Migration Steps

1. Freeze changes to bot code in BLT (after reconciling any critical PRs related to the bot).
2. Port the core bot logic, APIs, settings, and secrets to Toasty.
3. Update Toasty’s documentation and Docker configuration for the migrated bot.
4. Verify integration with Toasty’s existing services (see README and pyproject.toml for service patterns).
5. Update/test pre-commit, Poetry, and CI for Toasty.
6. Perform local and staging environment validation.
7. Deprecate/remove bot code from BLT after cutover is validated.

5. Evaluate PR-to-Roadmap Comparison Feature

• Review BLT’s implementation of the feature that compares PRs to the roadmap (could involve specific scripts, GitHub Actions, or Django logic)
• Determine whether this functionality is essential for Toasty or can be improved upon
• Plan porting or refactoring as required

6. Coordinate with Stakeholders

• Communicate migration plan to maintainers/developers of both projects
• Ensure downtime or feature freeze windows are approved
• Provide regular migration progress updates

---

References:

• All open PRs in BLT
• Compare PRs to roadmap: search results

Action:

• Review and approve migration plan steps
• Assign leads for bot inventory, migration execution, and roadmap feature audit

[Srijito354]

Hi! Thanks for outlining the migration plan — this is super helpful.

I’m currently exploring the PR prioritization module using semantic similarity (discussed previously on Slack), and I want to ensure that whatever I build aligns with the bot migration plans and evolving architecture of Toasty.

Once the bot migration plan stabilizes, I’d be happy to begin drafting the module structure and design so it integrates smoothly with the new layout.

Can you let me know when it would be appropriate to propose a folder/module structure for the PR analyzer component?

Thanks again!