As Owner of an application I would like to ensure that no one could promote it above a certain environment (example above QA environment).
This would be extremely helpful to prevent that certain applications such as sandboxes, templates and test benches to end up accidentaly in production environments exposing those to security vulnerabilities.
You can already do this using teams and roles. In LifeTime, configure 2+ rolls:
Default role: can push to QA
Then create a team, add the apps that developers are allowed to push to Prod, then assign that team the roll of can push to Prod.