Approval is not mandatory for all PRs. You can change your policy about it and easily justify it with your auditor.
=> It makes way more sense to have important stuff reviewed vs automated approval from a bot.
I think most people blindly try to get controls in Vanta/Drata to pass like us. I'd much rather build a dumb bot than having to talk to my auditor. But still
emregucerr|1 year ago
> we realize how stupid this is