In a situation like this, am I wrong to believe mandatory code review is necessary? Our pull request policies require that the PR's build succeed and a minimum of 2 approvals by team members who are neither the creator of the PR nor a commit author. Even still many code reviews are just rubber stamp approvals. I've seen PRs with failed builds that have two approvals. The time the coworker shipped code that had obviously not been tested because the JavaScript failed to compile, it had two approvals but clearly neither of them had reviewed it. Management has asked what we can do but never acted on any of the suggestions I've given. And yet, I like these people and feel like this has been one of the better places I've worked.
C