I have a repo owned by our organisation and I have used the CODEOWNERS file to specify that any change to a file under /policies/* must be approved by a member of our infosec team:
This then tells me that I need an approved reviewer from our infosec-team - once I get that, my colleague gets the below screen. It says he must be a collaborator and he must have write access. We added that person to the repo as a member of a team and that team has write access. Adding everyone as a collaborator is not what we want to do. This person should be able to merge, can someone help with where we may be going wrong?