Yeah, this is textbook regression testing (A). The whole idea is to run past bug scenarios whenever you pull in older components or make changes, so you can catch stuff like this before it hits production. Code signing and SCA wouldn't actually catch the logic flaw itself. Pretty sure A's the answer here.
Isn't the main issue here that a fixed bug came back after integrating an old component? That usually means something's missing in the regression test suite, rather than needing more automation like C. If tests for that bug had run, it should've been caught even with new-old code coming in. Anyone got a scenario where code signing or SCA (B/E) would actually prevent this?
I don't think it's C. Automated test and retest sounds nice but if the test cases aren't covering previously fixed bugs, automation won't help. A (regression testing) directly targets this problem and is meant to prevent old issues from resurfacing after changes. Tempting to pick C with all the automation buzz but pretty sure A is what they'd expect here. Disagree?
