A brief policy should be drafted to explain the SIMP team's code integrity policy. This should include:
Two-team member code review & approval
Automated linting and tests
In the submitter's opinion, this should include:
[Signed merge commits/signed-off patch ammends](https://mikegerwitz.com/papers/git-horror-story#trust-ensure) for CRed + approved community patches
Security-sensitive automated tests (e.g., beaker nodesets) should not run on PR's unless its HEAD has been signed by a team member.