Bugs do get to prod, that’s just reality. If you keep changes small and release often you won’t see many big bugs in production. We typically keep master in an “always deployable” state. If a bug gets found in prod, we either fix it or create a new commit that reverts the commit that caused the problem. If it’s a faulty migration, reverting the commit usually won’t work and we have to fix the bug. For QA we use a mix of automated tests and manual tests.