From 0cf478e32d5820d070a35230f3b25c23fdf88166 Mon Sep 17 00:00:00 2001
From: daynewlee
Date: Tue, 7 Apr 2026 15:30:20 -0500
Subject: [PATCH 1/7] test
---
 e2etests/testcase_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/e2etests/testcase_test.go b/e2etests/testcase_test.go
index 63a267469..1ab075a09 100644
--- a/e2etests/testcase_test.go
+++ b/e2etests/testcase_test.go
@@ -991,7 +991,7 @@ var testCases = []testCase{
 {
 Name: "CVE-2018-1125",
 NamespaceName: "centos:7",
- Description: "DOCUMENTATION: If a process inspected by pgrep has an argument longer than INT_MAX bytes, \"int bytes\" could wrap around back to a large positive int (rather than approaching zero), leading to a stack buffer overflow via strncat(). MITIGATION: The procps suite on Red Hat Enterprise Linux is built with FORTIFY, which limits the impact of this stack overflow (and others like it) to a crash.",
+ Description: "DOCUMENTATION: If a process inspected by pgrep has an argument longer than INT_MAX bytes, \"int bytes\" could wrap around back to a large positive int (rather than approaching zero), leading to a stack buffer overflow via strncat(). MITIGATION: The procps suite on Red Hat Enterprise Linux is built with FORTIFY, which limits the impact of this stack overflow (and others like it) to a crash.",
 Link: "https://access.redhat.com/security/cve/CVE-2018-1125",
 Severity: "Low",
 Metadata: map[string]interface{}{
From d29b3f341facdb257898bffd994afc5037905de5 Mon Sep 17 00:00:00 2001
From: daynewlee
Date: Tue, 7 Apr 2026 16:34:33 -0500
Subject: [PATCH 2/7] normalize string
---
 e2etests/sanity_test.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/e2etests/sanity_test.go b/e2etests/sanity_test.go
index bca846a75..9f1c86e48 100644
--- a/e2etests/sanity_test.go
+++ b/e2etests/sanity_test.go
@@ -58,6 +58,10 @@ func checkMatch(t *testing.T, source string, expectedVuln, matchingVuln v1.Vulne
 }
 expectedVuln.Metadata = nil
 matchingVuln.Metadata = nil
+
+ expectedVuln.Description = normalizeString(expectedVuln.Description)
+ matchingVuln.Description = normalizeString(matchingVuln.Description)
+
 assert.Equal(t, expectedVuln, matchingVuln)
 }
 
@@ -149,6 +153,9 @@ func verifyImageHasExpectedFeatures(t *testing.T, client *client.Clairify, test
 feature.FixedBy = ""
 matching.FixedBy = ""
 
+ feature.Description = normalizeString(feature.Description)
+ matching.Description = normalizeString(matching.Description)
+
 // Ensure the parts of the feature aside from the provided executables and vulnerabilities are equal, too.
 assert.Equal(t, feature, *matching)
 })
@@ -183,3 +190,8 @@ func deepGet(m map[string]interface{}, keys ...string) interface{} {
 }
 return currVal
 }
+
+// normalize strings: removes newlines and collapses multiple spaces into one.
+func normalizeString(s string) string {
+ return strings.Join(strings.Fields(s), " ")
+}
From 554553ed2973a71352a3578f3f4a396efe516d48 Mon Sep 17 00:00:00 2001
From: daynewlee
Date: Tue, 7 Apr 2026 18:27:47 -0500
Subject: [PATCH 3/7] update
---
 e2etests/sanity_test.go | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/e2etests/sanity_test.go b/e2etests/sanity_test.go
index 9f1c86e48..7e043f5cd 100644
--- a/e2etests/sanity_test.go
+++ b/e2etests/sanity_test.go
@@ -153,9 +153,6 @@ func verifyImageHasExpectedFeatures(t *testing.T, client *client.Clairify, test
 feature.FixedBy = ""
 matching.FixedBy = ""
 
- feature.Description = normalizeString(feature.Description)
- matching.Description = normalizeString(matching.Description)
-
 // Ensure the parts of the feature aside from the provided executables and vulnerabilities are equal, too.
 assert.Equal(t, feature, *matching)
 })
From 4c6680e05f8b35a31c343a86ac0c0eb40815c711 Mon Sep 17 00:00:00 2001
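Review bot: The two `normalizeString` assignments added to `checkMatch` in e2etests/sanity_test.go (PATCH 2/7, first hunk) have no comment saying why whitespace in `Description` is now exempt from the equality check, so a later reader cannot tell a deliberate relaxation from an accident. Presumably the advisory text is re-wrapped between feed updates, as the whitespace-only fixture edit in PATCH 1/7 suggests; if that is the reason, state it above the two lines, for example `// Description whitespace varies between feed updates; compare content only.`. The same pair of lines is added to `checkGRPCMatch` in PATCH 5/7 and would take the same comment. `checkMatch` begins before this hunk, so only the tail of the function is visible here.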
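Review bot: The comment on `normalizeString` (PATCH 2/7, last hunk of e2etests/sanity_test.go) understates what the body does. `strings.Fields` splits on every character for which `unicode.IsSpace` is true, so tabs and non-breaking spaces are collapsed as well as newlines and spaces, and leading and trailing whitespace is dropped entirely. PATCH 7/7 rewords the comment to start with the function name but keeps the same description, and PATCH 5/7 adds the identical text in grpc_full_test.go. Suggested wording: `// normalizeString trims s and replaces each run of whitespace (per unicode.IsSpace) with a single space.`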
From: daynewlee
Date: Tue, 7 Apr 2026 18:31:21 -0500
Subject: [PATCH 4/7] fix import
---
 e2etests/sanity_test.go | 1 +
 1 file changed, 1 insertion(+)
diff --git a/e2etests/sanity_test.go b/e2etests/sanity_test.go
index 7e043f5cd..60677088f 100644
--- a/e2etests/sanity_test.go
+++ b/e2etests/sanity_test.go
@@ -7,6 +7,7 @@ import (
 "encoding/json"
 "fmt"
 "sort"
+ "strings"
 "testing"
 
 v1 "github.com/stackrox/scanner/api/v1"
From 1afba946937e09d54f64259d9c1e6782dacdb2ec Mon Sep 17 00:00:00 2001
From: daynewlee
Date: Wed, 8 Apr 2026 08:42:19 -0500
Subject: [PATCH 5/7] normalize strings
---
 e2etests/grpc_full_test.go | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/e2etests/grpc_full_test.go b/e2etests/grpc_full_test.go
index 67d43d3fa..989d0c6ad 100644
--- a/e2etests/grpc_full_test.go
+++ b/e2etests/grpc_full_test.go
@@ -9,6 +9,7 @@ import (
 "context"
 "fmt"
 "sort"
+ "strings"
 "testing"
 
 "github.com/stackrox/scanner/api/v1/features"
@@ -153,6 +154,10 @@ func checkGRPCMatch(t *testing.T, expectedVuln, matchingVuln *v1.Vulnerability)
 }
 expectedVuln.MetadataV2 = nil
 matchingVuln.MetadataV2 = nil
+
+ expectedVuln.Description = normalizeString(expectedVuln.Description)
+ matchingVuln.Description = normalizeString(matchingVuln.Description)
+
 assert.Equal(t, expectedVuln, matchingVuln)
 }
 
@@ -191,3 +196,8 @@ func TestGRPCVulnDefsMetadata(t *testing.T) {
 require.NoError(t, err)
 assert.NotNil(t, metadata.GetLastUpdatedTime())
 }
+
+// normalize strings: removes newlines and collapses multiple spaces into one.
+func normalizeString(s string) string {
+ return strings.Join(strings.Fields(s), " ")
+}
From 4558ecfb671ec2bf5f05f0450d4e8e1ffc739fdc Mon Sep 17 00:00:00 2001
From: daynewlee
Date: Wed, 8 Apr 2026 18:23:02 -0500
Subject: [PATCH 6/7] test
---
 e2etests/grpc_full_test.go | 6 ------
 1 file changed, 6 deletions(-)
diff --git a/e2etests/grpc_full_test.go b/e2etests/grpc_full_test.go
index 989d0c6ad..d065c637e 100644
--- a/e2etests/grpc_full_test.go
+++ b/e2etests/grpc_full_test.go
@@ -9,7 +9,6 @@ import (
 "context"
 "fmt"
 "sort"
- "strings"
 "testing"
 
 "github.com/stackrox/scanner/api/v1/features"
@@ -196,8 +195,3 @@ func TestGRPCVulnDefsMetadata(t *testing.T) {
 require.NoError(t, err)
 assert.NotNil(t, metadata.GetLastUpdatedTime())
 }
-
-// normalize strings: removes newlines and collapses multiple spaces into one.
-func normalizeString(s string) string {
- return strings.Join(strings.Fields(s), " ")
-}
From 4623ea7d9f4d1564c10c8b16e27f64d5fc0aef7b Mon Sep 17 00:00:00 2001
From: Yi Li
Date: Thu, 9 Apr 2026 08:20:42 -0500
Subject: [PATCH 7/7] Apply suggestion from @dcaravel
Co-authored-by: David Caravello <119438707+dcaravel@users.noreply.github.com>
---
 e2etests/sanity_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/e2etests/sanity_test.go b/e2etests/sanity_test.go
index 60677088f..dbf503f7c 100644
--- a/e2etests/sanity_test.go
+++ b/e2etests/sanity_test.go
@@ -189,7 +189,7 @@ func deepGet(m map[string]interface{}, keys ...string) interface{} {
 return currVal
 }
 
-// normalize strings: removes newlines and collapses multiple spaces into one.
+// normalizeString removes newlines and collapses multiple spaces into one.
 func normalizeString(s string) string {
 return strings.Join(strings.Fields(s), " ")
 }