Sure, but you should always have a core contributor required to review code before it gets merged. That’s a feature GitHub offers, and it should be used. Block all PRs unless there’s at least one review from a trusted contributor, and consider requiring a second review from any source.
Requiring a review from a trusted contributor ensures that one of those trusted contributors reviews the code. The one main maintainer should add more people to that trusted circle, which will ensure that at least one of those will review all code that goes into the codebase.
If people see that code isn’t being merged, someone will step up to request to be in that trusted circle.
Sure, but you should always have a core contributor required to review code before it gets merged. That’s a feature GitHub offers, and it should be used. Block all PRs unless there’s at least one review from a trusted contributor, and consider requiring a second review from any source.
That doesn’t solve the issue that there are too few contributors. Requiring a review doesn’t ensure that someone reviews the code.
Requiring a review from a trusted contributor ensures that one of those trusted contributors reviews the code. The one main maintainer should add more people to that trusted circle, which will ensure that at least one of those will review all code that goes into the codebase.
If people see that code isn’t being merged, someone will step up to request to be in that trusted circle.