test: assert lowercase ghsaId normalization on CVE request path

Cover request_cve_for_repository_security_advisory alongside the existing
update advisory normalization test.

Author: Array Fleet

pkg/github/security_advisories_test.go

@@ -1141,6 +1141,21 @@ func Test_RequestCVEForRepositorySecurityAdvisory(t *testing.T) {
 			expectError:  false,
 			expectedText: "CVE request submitted successfully",
 		},
+		{
+			name: "lowercase ghsaId normalized in CVE request path",
+			mockedClient: MockHTTPClientWithHandlers(map[string]http.HandlerFunc{
+				PostReposSecurityAdvisoriesCveByOwnerByRepoByGhsaID: expectPath(t, "/repos/octo/hello-world/security-advisories/GHSA-abcd-1234-5678/cve").andThen(
+					mockResponse(t, http.StatusOK, nil),
+				),
+			}),
+			requestArgs: map[string]any{
+				"owner":  "octo",
+				"repo":   "hello-world",
+				"ghsaId": "ghsa-abcd-1234-5678",
+			},
+			expectError:  false,
+			expectedText: "CVE request submitted successfully",
+		},
 		{
 			name: "invalid ghsaId format",
 			mockedClient: MockHTTPClientWithHandlers(map[string]http.HandlerFunc{