I’m the developer of aurora-editor, which is an electron-based markdown editor. Recently I integrated puppeteer to achieve some new features like exporting documents to images.
Since the puppeteer library has some internal executable binaries as chromium drivers, the new release triggered some manual review process (revision#46). I understand that you are trying the best to protect users’ security. I explained the reason for containing binary files in that release and it has been approved. But today when I tried to push a new release again, some similar manual review process (revision#47) has been triggered again.
Just some advice, I think your process can be more friendly for developers by storing the approved executable binaries (path and content hash) and avoiding redundant manual reviews.