Explicitly document that AppSec approvals are not needed for backports
I've added a sentence to make it explicit that AppSec approval is not needed for backports due to a few people being confused about this during the 13.6 milestone.
I did run into a situation recently where merge conflicts and missing libraries caused the backport to diverge significantly. I wonder if it would be worth getting an approval in this case.
Edited by Allison Browne