l3montree-dev · timbastin · Apr 12, 2026 · Apr 9, 2026 · Apr 9, 2026 · Apr 9, 2026
diff --git a/controllers/dependency_vuln_controller.go b/controllers/dependency_vuln_controller.go
@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"log/slog"
 	"slices"
+	"strings"
 	"time"
 
 	"go.opentelemetry.io/otel/trace"
@@ -81,7 +82,7 @@ func (controller DependencyVulnController) ListByOrgPaged(ctx shared.Context) er
 			return p.GetID().String()
 		}),
 		shared.GetPageInfo(ctx),
-		ctx.QueryParam("search"),
+		strings.TrimSpace(ctx.QueryParam("search")),
 		shared.GetFilterQuery(ctx),
 		shared.GetSortQuery(ctx),
 	)
@@ -102,7 +103,7 @@ func (controller DependencyVulnController) ListByProjectPaged(ctx shared.Context
 		project.ID,
 
 		shared.GetPageInfo(ctx),
-		ctx.QueryParam("search"),
+		strings.TrimSpace(ctx.QueryParam("search")),
 		shared.GetFilterQuery(ctx),
 		shared.GetSortQuery(ctx),
 	)
@@ -129,11 +130,12 @@ func (controller DependencyVulnController) ListByProjectPaged(ctx shared.Context
 // @Success 200 {object} object
 // @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/dependency-vulns [get]
 func (controller DependencyVulnController) ListPaged(ctx shared.Context) error {
+	formattedSearch := strings.TrimSpace(ctx.QueryParam("search"))
 	// get the asset
 	assetVersion := shared.GetAssetVersion(ctx)
 	// check if we should list flat - this means not grouped by package
 	if ctx.QueryParam("flat") == "true" {
-		dependencyVulns, err := controller.dependencyVulnRepository.GetDependencyVulnsByAssetVersionPagedAndFlat(ctx.Request().Context(), nil, assetVersion.Name, assetVersion.AssetID, shared.GetPageInfo(ctx), ctx.QueryParam("search"), shared.GetFilterQuery(ctx), shared.GetSortQuery(ctx))
+		dependencyVulns, err := controller.dependencyVulnRepository.GetDependencyVulnsByAssetVersionPagedAndFlat(ctx.Request().Context(), nil, assetVersion.Name, assetVersion.AssetID, shared.GetPageInfo(ctx), formattedSearch, shared.GetFilterQuery(ctx), shared.GetSortQuery(ctx))
 		if err != nil {
 			return echo.NewHTTPError(500, "could not get dependencyVulns").WithInternal(err)
 		}
@@ -148,7 +150,7 @@ func (controller DependencyVulnController) ListPaged(ctx shared.Context) error {
 		assetVersion.Name,
 		assetVersion.AssetID,
 		shared.GetPageInfo(ctx),
-		ctx.QueryParam("search"),
+		formattedSearch,
 		shared.GetFilterQuery(ctx),
 		shared.GetSortQuery(ctx),
 	)