Comment by sarchertech

Ask 5 people about the purpose of mandatory PR reviews and you’ll get 6 answers.

However catching bugs is always going to be at or near the top of list, so clearly it’s at least partially about catching bugs.

I’d argue that catching bugs along with ticking a compliance checkbox (which is only there because something thinks they catch bugs and malicious code) are the 2 primarily reasons that the business part of the company cares about or requires code reviews in the first place.