In smart contract repos, pull requests are not expected to be full contract vulnerability reviews. Instead, review style, dependency changes, tests, etc and perform a very brief contract review to see if you catch anything obvious. This means that just because a contract is in master
does not mean it is ready for production.