unsafe approvers does not work like ADO

[chris-oo]

Anyone in the hvlite team can signoff on any PR, because github does not have a stock way of enforcing every required reviewer signs off, only that a set number of reviewers sign off. See https://github.com/orgs/community/discussions/23765

One way of accomplishing this could be some more github actions that assign a unsafe-reviewers-required label, and unsafe-reviewers-approved labels that are driven by those teams.

[chris-oo]

Actually, the right thing to do is have the unsafe-reviewers.py script to validate that someone from the unsafe reviewers signed off, and mark red otherwise.