[halostatue]

I have been in the industry for a fairly long time and I have seen code review tools pop up, and GitHub came fairly late to the table (IIRC, I was using a code review tool in 2007 against Perforce; GitHub wasn’t generally available until 2008 and I think I joined in late 2008 or early 2009).

I have been on teams where we simply merged things when complete and where we required code review before merge. In every case, the latter had better overall speed because we weren’t (usually) introducing regressions because no one had seen the code. (Pairing is a form of real-time code review, but the team I worked on that used pairing heavily still needed code review; I remember a regression was introduced even though the code had been pair-developed.)

There is, however, a case where if one works in an industry where ISO270001 or SOC2 or PCI compliance is required, recommended, whatever — you will have to have a policy on code review in order to pass.