> Is there a way to stop certain variants from propagating to dependencies?

I'm pretty sure there is no way to do this. No clean way, at least.

> I'd like to use `depends_build-append port:doxygen` for +docs variants, but
> - calling the variant +docs causes port:doxygen to install (or reinstalll!) 
> with +docs, which adds lots of dependencies, and big ones at that (TeX)

Perhaps doxygen should be split up into doxygen and doxygen-docs subports to 
avoid this kind of thing.

> - if the target port is requested +universal this also causes doxygen to be 
> (re)installed with +universal, which again isn't necessary at all.

If the dependent just invokes doxygen, then it can use

        depends_skip_archcheck-append doxygen

I don't know if doxygen itself installs any libraries or headers; if not, it 
should use

        installs_libs no

so that dependents don't have to use depends_skip_archcheck.

