fix: Restrict context var override on the package page

Users can (accidentally) override context vars with query params.
This may lead to issues when rendering templates (e.g. "comments=").

Signed-off-by: moson <moson@archlinux.org>

aurweb/pkgbase/util.py

@@ -11,17 +11,7 @@ from aurweb.models.package_comment import PackageComment
 from aurweb.models.package_request import PENDING_ID, PackageRequest
 from aurweb.models.package_vote import PackageVote
 from aurweb.scripts import notify
-from aurweb.templates import (
-    make_context as _make_context,
-    make_variable_context as _make_variable_context,
-)
-
-
-async def make_variable_context(
-    request: Request, pkgbase: PackageBase
-) -> dict[str, Any]:
-    ctx = await _make_variable_context(request, pkgbase.Name)
-    return make_context(request, pkgbase, ctx)
+from aurweb.templates import make_context as _make_context
 
 
 def make_context(

aurweb/routers/packages.py

@@ -167,7 +167,8 @@ async def package(
             rels_data["r"].append(rel)
 
     # Add our base information.
-    context = await pkgbaseutil.make_variable_context(request, pkgbase)
+    context = pkgbaseutil.make_context(request, pkgbase)
+    context["q"] = dict(request.query_params)
 
     context.update({"all_deps": all_deps, "all_reqs": all_reqs})