summary refs log tree commit diff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2021-10-31 12:47:14 +0200
committerEfraim Flashner <efraim@flashner.co.il>2021-10-31 14:49:47 +0200
commitbc5155b952ae8bdbc56aded4d8d39768b4e2a7d4 (patch)
tree6b55475d86c522543384dea7d1ab66bba32af63e /gnu/packages/patches
parentdac8d013bd1fc7f57b8ba3582eef6e0e01b23dfd (diff)
parent4e5000114ec01b5e92a87c52f2a10f9ba7a601c8 (diff)
downloadguix-bc5155b952ae8bdbc56aded4d8d39768b4e2a7d4.tar.gz
Merge remote-tracking branch 'origin/master' into core-updates-frozen
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/diffoscope-fix-llvm-test.patch (renamed from gnu/packages/patches/diffoscope-fix-test_item3_deflate_llvm_bitcode.patch)0
-rw-r--r--gnu/packages/patches/disarchive-cross-compilation.patch77
-rw-r--r--gnu/packages/patches/flatpak-fix-path.patch29
-rw-r--r--gnu/packages/patches/icecat-78-makeicecat.patch110
-rw-r--r--gnu/packages/patches/icecat-makeicecat.patch133
-rw-r--r--gnu/packages/patches/mupdf-CVE-2021-3407.patch51
-rw-r--r--gnu/packages/patches/mupdf-fix-linkage.patch27
-rw-r--r--gnu/packages/patches/python-peachpy-determinism.patch25
-rw-r--r--gnu/packages/patches/qemu-fix-agent-paths.patch66
-rw-r--r--gnu/packages/patches/u-boot-allow-disabling-openssl.patch164
-rw-r--r--gnu/packages/patches/udiskie-no-appindicator.patch155
-rw-r--r--gnu/packages/patches/zig-disable-libc-note-test.patch31
-rw-r--r--gnu/packages/patches/zig-use-system-paths.patch143
13 files changed, 605 insertions, 406 deletions
diff --git a/gnu/packages/patches/diffoscope-fix-test_item3_deflate_llvm_bitcode.patch b/gnu/packages/patches/diffoscope-fix-llvm-test.patch
index 45e496a128..45e496a128 100644
--- a/gnu/packages/patches/diffoscope-fix-test_item3_deflate_llvm_bitcode.patch
+++ b/gnu/packages/patches/diffoscope-fix-llvm-test.patch
diff --git a/gnu/packages/patches/disarchive-cross-compilation.patch b/gnu/packages/patches/disarchive-cross-compilation.patch
deleted file mode 100644
index 8061262168..0000000000
--- a/gnu/packages/patches/disarchive-cross-compilation.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From dc0f8f8bf8608c39da32e3c8ca1484b766fc7452 Mon Sep 17 00:00:00 2001
-From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
-Date: Mon, 17 May 2021 16:47:19 -0400
-Subject: [PATCH] build: Fix cross-compilation.
-
-The cross-compilation issues corrected by this change were discovered
-when attempting to cross-compile disarchive for the i586-gnu target on
-GNU Guix.
-
-* configure.ac [O_NOFOLLOW]: Rewrite test using AC_COMPUTE_INT, which
-is supported even when cross-compiling.
-(GUILD_TARGET_OPTION): New computed variable.
-* build-aux/guile.am ($(AM_V_GUILEC)GUILE_AUTO_COMPILE): Use it.
----
- build-aux/guile.am |  6 +++---
- configure.ac       | 24 +++++++++++++++---------
- 2 files changed, 18 insertions(+), 12 deletions(-)
-
-diff --git a/build-aux/guile.am b/build-aux/guile.am
-index bec04ea..7745125 100644
---- a/build-aux/guile.am
-+++ b/build-aux/guile.am
-@@ -54,7 +54,7 @@ AM_V_GUILEC_0 = @echo "  GUILEC" $@;
- SUFFIXES = .scm .go
- 
- .scm.go:
--	$(AM_V_GUILEC)GUILE_AUTO_COMPILE=0      \
--	$(top_builddir)/pre-inst-env            \
--	$(GUILD) compile $(GUILE_WARNINGS)      \
-+	$(AM_V_GUILEC)GUILE_AUTO_COMPILE=0                              \
-+	$(top_builddir)/pre-inst-env                                    \
-+	$(GUILD) compile $(GUILE_WARNINGS) $(GUILD_TARGET_OPTION)       \
- 	         -o "$@" "$<"
-diff --git a/configure.ac b/configure.ac
-index 99c5ac5..0cd0173 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -39,21 +39,27 @@ AS_IF([test "x$GUILD" = "x"],
-     [AC_MSG_ERROR(m4_normalize([
-       'guild' binary not found; please check your Guile installation.]))])])
- 
-+dnl This argument is passed to guild; it ensures cross-compiling uses
-+dnl the right target.
-+if test -n "$host_alias"; then
-+   AC_SUBST([GUILD_TARGET_OPTION], [--target=$host_alias])
-+fi
-+
- GUILE_MODULE_REQUIRED(gcrypt hash)
- 
- dnl Guile defines a handful of values from <fcntl.h>, but it is
- dnl missing O_NOFOLLOW.
- AC_ARG_VAR([O_NOFOLLOW], [value to use for O_NOFOLLOW (cf. <fcntl.h>)])
- AS_IF([test "x$O_NOFOLLOW" = "x"],
--  [AC_MSG_CHECKING([the value of O_NOFOLLOW])
--   AC_RUN_IFELSE([AC_LANG_PROGRAM([[
--       #include <fcntl.h>
--       #include <stdio.h>
--     ]], [[
--       printf("%d\n", O_NOFOLLOW)
--     ]])],
--     [O_NOFOLLOW=`./conftest$EXEEXT`],
--     [AC_MSG_FAILURE([could find value for O_NOFOLLOW])])])
-+  [AC_MSG_CHECKING([the value of O_NOFOLLOW])]
-+  [AC_COMPUTE_INT([O_NOFOLLOW],
-+      [O_NOFOLLOW],
-+      [[
-+        #include <fcntl.h>
-+        #include <stdio.h>
-+      ]],
-+      [AC_MSG_FAILURE([could find value for O_NOFOLLOW])])]
-+  [AC_MSG_RESULT([$O_NOFOLLOW])])
- 
- AC_ARG_VAR([TAR], [tar utility])
- AS_IF([test "x$TAR" = "x"], [AC_PATH_PROG([TAR], [tar])])
--- 
-2.31.1
-
diff --git a/gnu/packages/patches/flatpak-fix-path.patch b/gnu/packages/patches/flatpak-fix-path.patch
new file mode 100644
index 0000000000..e87a08a7fe
--- /dev/null
+++ b/gnu/packages/patches/flatpak-fix-path.patch
@@ -0,0 +1,29 @@
+Flatpak writes files for installed applications with the full Flatpak (store) path. This patch makes it write just "flatpak", using Flatpak from PATH. This is similar to the NixOS [0] patch, updated for Flatpak 1.12.1
+
+[0] https://github.com/NixOS/nixpkgs/blob/bf4167861d0f864b0fc457778d54feb4a2675ea2/pkgs/development/libraries/flatpak/use-flatpak-from-path.patch
+
+diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c
+index 80ff5e5f..0c111c31 100644
+--- a/common/flatpak-dir.c
++++ b/common/flatpak-dir.c
+@@ -7134,8 +7134,7 @@ export_desktop_file (const char         *app,
+         flatpak = FLATPAK_BINDIR "/flatpak";
+
+       g_string_append_printf (new_exec,
+-                              "%s run --branch=%s --arch=%s",
+-                              flatpak,
++                              "flatpak run --branch=%s --arch=%s",
+                               escaped_branch,
+                               escaped_arch);
+
+@@ -8467,8 +8466,8 @@ flatpak_dir_deploy (FlatpakDir          *self,
+       if ((flatpak = g_getenv ("FLATPAK_BINARY")) == NULL)
+         flatpak = FLATPAK_BINDIR "/flatpak";
+
+-      bin_data = g_strdup_printf ("#!/bin/sh\nexec %s run --branch=%s --arch=%s %s \"$@\"\n",
+-                                  flatpak, escaped_branch, escaped_arch, escaped_app);
++      bin_data = g_strdup_printf ("#!/bin/sh\nexec flatpak run --branch=%s --arch=%s %s \"$@\"\n",
++                                  escaped_branch, escaped_arch, escaped_app);
+       if (!g_file_replace_contents (wrapper, bin_data, strlen (bin_data), NULL, FALSE,
+                                     G_FILE_CREATE_REPLACE_DESTINATION, NULL, cancellable, error))
+         return FALSE;
diff --git a/gnu/packages/patches/icecat-78-makeicecat.patch b/gnu/packages/patches/icecat-78-makeicecat.patch
new file mode 100644
index 0000000000..edd1ced257
--- /dev/null
+++ b/gnu/packages/patches/icecat-78-makeicecat.patch
@@ -0,0 +1,110 @@
+Make some of the changes needed to the 'makeicecat' script, to allow it to run
+in a snippet without network access.  After this patch is applied, some
+additional changes will be made using 'substitute*'.
+
+diff --git a/makeicecat b/makeicecat
+index 8be2362..48716f2 100755
+--- a/makeicecat
++++ b/makeicecat
+@@ -31,55 +31,55 @@ SOURCEDIR=icecat-$FFVERSION
+ 
+ DATA="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/data
+ 
+-mkdir -p output
+-cd output
++# mkdir -p output
++# cd output
+ 
+ ###############################################################################
+ # Retrieve FF source code
+ ###############################################################################
+ 
+-rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf
+-
+-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz
+-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
+-gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
+-gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
+-echo -n 1aa041db28cd742e93d663a9da8defd33040b38d8b9470350538473251621643 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+-
+-echo Extracting Firefox tarball
+-tar -xf firefox-${FFVERSION}esr.source.tar.xz
+-
+-mv firefox-${FFVERSION} $SOURCEDIR
++# rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf
++# 
++# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz
++# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
++# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
++# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
++# echo -n 1aa041db28cd742e93d663a9da8defd33040b38d8b9470350538473251621643 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
++# 
++# echo Extracting Firefox tarball
++# tar -xf firefox-${FFVERSION}esr.source.tar.xz
++# 
++# mv firefox-${FFVERSION} $SOURCEDIR
+ 
+ ###############################################################################
+ # Retrieve l10n
+ ###############################################################################
+ 
+-mkdir l10n
+-cd l10n
+-while read line;do
+-    line=$(echo $line |cut -d' ' -f1)
+-    #[ $line = "es-ES" ] || continue # To speed up testing
+-    [ $line = "en-US" ] && continue
+-    hg clone https://hg.mozilla.org/l10n-central/$line
+-    mkdir -p $line/browser/chrome/browser/preferences
+-    touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd
+-    rm -rf $line/.hg*
+-done < ../$SOURCEDIR/browser/locales/shipped-locales
+-cd ..
+-
+-mv l10n $SOURCEDIR
+-
+-hg clone https://hg.mozilla.org/l10n/compare-locales/
+-cd compare-locales/
+-hg checkout RELEASE_8_0_0
+-cd ..
+-rm compare-locales/.hg* compare-locales/.git* -rf
+-mv compare-locales $SOURCEDIR/l10n
++# mkdir l10n
++# cd l10n
++# while read line;do
++#     line=$(echo $line |cut -d' ' -f1)
++#     #[ $line = "es-ES" ] || continue # To speed up testing
++#     [ $line = "en-US" ] && continue
++#     hg clone https://hg.mozilla.org/l10n-central/$line
++#     mkdir -p $line/browser/chrome/browser/preferences
++#     touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd
++#     rm -rf $line/.hg*
++# done < ../$SOURCEDIR/browser/locales/shipped-locales
++# cd ..
++# 
++# mv l10n $SOURCEDIR
++# 
++# hg clone https://hg.mozilla.org/l10n/compare-locales/
++# cd compare-locales/
++# hg checkout RELEASE_8_0_0
++# cd ..
++# rm compare-locales/.hg* compare-locales/.git* -rf
++# mv compare-locales $SOURCEDIR/l10n
+ 
+ #######################################################
+ 
+-cd $SOURCEDIR
++# cd $SOURCEDIR
+ 
+ shopt -s nullglob
+ for patch in $DATA/patches/*.patch; do
+@@ -598,6 +598,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in
+ # Fix CVE-2012-3386
+ /bin/sed 's/chmod a+w/chmod u+w/' -i ./js/src/ctypes/libffi/Makefile.in ./toolkit/crashreporter/google-breakpad/Makefile.in ./toolkit/crashreporter/google-breakpad/src/third_party/glog/Makefile.in || true
+ 
+-cd ..
+-echo Packaging tarball
+-tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR
++# cd ..
++# echo Packaging tarball
++# tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR
diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch
index edd1ced257..c46cb27ff6 100644
--- a/gnu/packages/patches/icecat-makeicecat.patch
+++ b/gnu/packages/patches/icecat-makeicecat.patch
@@ -3,108 +3,49 @@ in a snippet without network access.  After this patch is applied, some
 additional changes will be made using 'substitute*'.
 
 diff --git a/makeicecat b/makeicecat
-index 8be2362..48716f2 100755
+index bf2b7a6..bc3b19b 100755
 --- a/makeicecat
 +++ b/makeicecat
-@@ -31,55 +31,55 @@ SOURCEDIR=icecat-$FFVERSION
+@@ -58,7 +58,7 @@ readonly SOURCEDIR=icecat-${FFVERSION}
+ # debug/shell options
+ readonly DEVEL=0
+ set -euo pipefail
+-(( DEVEL )) && set -x
++set -x
  
- DATA="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/data
  
--mkdir -p output
--cd output
-+# mkdir -p output
-+# cd output
- 
- ###############################################################################
- # Retrieve FF source code
  ###############################################################################
+@@ -459,7 +459,7 @@ configure_search()
+     sed 's|ddg@|ddg-html@|' -i browser/components/search/extensions/ddg-html/manifest.json
  
--rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf
--
--wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz
--wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
--gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
--gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
--echo -n 1aa041db28cd742e93d663a9da8defd33040b38d8b9470350538473251621643 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
--
--echo Extracting Firefox tarball
--tar -xf firefox-${FFVERSION}esr.source.tar.xz
--
--mv firefox-${FFVERSION} $SOURCEDIR
-+# rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf
-+# 
-+# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz
-+# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
-+# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
-+# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
-+# echo -n 1aa041db28cd742e93d663a9da8defd33040b38d8b9470350538473251621643 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
-+# 
-+# echo Extracting Firefox tarball
-+# tar -xf firefox-${FFVERSION}esr.source.tar.xz
-+# 
-+# mv firefox-${FFVERSION} $SOURCEDIR
+     # Process various JSON pre-configuration dumps.
+-    python3 ../../tools/process-json-files.py . browser/components/extensions/schemas/
++    python3 "${DATADIR}"/../tools/process-json-files.py . browser/components/extensions/schemas/
+ }
  
+ configure_mobile()
+@@ -855,12 +855,12 @@ finalize_sourceball()
+ # entry point
  ###############################################################################
- # Retrieve l10n
- ###############################################################################
- 
--mkdir l10n
--cd l10n
--while read line;do
--    line=$(echo $line |cut -d' ' -f1)
--    #[ $line = "es-ES" ] || continue # To speed up testing
--    [ $line = "en-US" ] && continue
--    hg clone https://hg.mozilla.org/l10n-central/$line
--    mkdir -p $line/browser/chrome/browser/preferences
--    touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd
--    rm -rf $line/.hg*
--done < ../$SOURCEDIR/browser/locales/shipped-locales
--cd ..
--
--mv l10n $SOURCEDIR
--
--hg clone https://hg.mozilla.org/l10n/compare-locales/
--cd compare-locales/
--hg checkout RELEASE_8_0_0
--cd ..
--rm compare-locales/.hg* compare-locales/.git* -rf
--mv compare-locales $SOURCEDIR/l10n
-+# mkdir l10n
-+# cd l10n
-+# while read line;do
-+#     line=$(echo $line |cut -d' ' -f1)
-+#     #[ $line = "es-ES" ] || continue # To speed up testing
-+#     [ $line = "en-US" ] && continue
-+#     hg clone https://hg.mozilla.org/l10n-central/$line
-+#     mkdir -p $line/browser/chrome/browser/preferences
-+#     touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd
-+#     rm -rf $line/.hg*
-+# done < ../$SOURCEDIR/browser/locales/shipped-locales
-+# cd ..
-+# 
-+# mv l10n $SOURCEDIR
-+# 
-+# hg clone https://hg.mozilla.org/l10n/compare-locales/
-+# cd compare-locales/
-+# hg checkout RELEASE_8_0_0
-+# cd ..
-+# rm compare-locales/.hg* compare-locales/.git* -rf
-+# mv compare-locales $SOURCEDIR/l10n
- 
- #######################################################
- 
--cd $SOURCEDIR
-+# cd $SOURCEDIR
- 
- shopt -s nullglob
- for patch in $DATA/patches/*.patch; do
-@@ -598,6 +598,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in
- # Fix CVE-2012-3386
- /bin/sed 's/chmod a+w/chmod u+w/' -i ./js/src/ctypes/libffi/Makefile.in ./toolkit/crashreporter/google-breakpad/Makefile.in ./toolkit/crashreporter/google-breakpad/src/third_party/glog/Makefile.in || true
  
--cd ..
--echo Packaging tarball
--tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR
-+# cd ..
-+# echo Packaging tarball
-+# tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR
+-validate_env || exit 1
+-prepare_env
+-fetch_source
+-verify_sources
+-extract_sources
+-fetch_l10n
++# validate_env || exit 1
++# prepare_env
++# fetch_source
++# verify_sources
++# extract_sources
++# fetch_l10n
+ apply_patches
+ configure
+ configure_search
+@@ -872,4 +872,4 @@ prepare_macos_packaging
+ configure_extensions
+ configure_onboarding
+ apply_bugfixes
+-finalize_sourceball
++# finalize_sourceball
diff --git a/gnu/packages/patches/mupdf-CVE-2021-3407.patch b/gnu/packages/patches/mupdf-CVE-2021-3407.patch
deleted file mode 100644
index 9f901517c5..0000000000
--- a/gnu/packages/patches/mupdf-CVE-2021-3407.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-This patch came from https://git.ghostscript.com/?p=mupdf.git;a=patch;h=cee7cefc610d42fd383b3c80c12cbc675443176a
-and fixes CVE-2021-3407.
-
-From cee7cefc610d42fd383b3c80c12cbc675443176a Mon Sep 17 00:00:00 2001
-From: Robin Watts <Robin.Watts@artifex.com>
-Date: Fri, 22 Jan 2021 17:05:15 +0000
-Subject: [PATCH] Bug 703366: Fix double free of object during linearization.
-
-This appears to happen because we parse an illegal object from
-a broken file and assign it to object 0, which is defined to
-be free.
-
-Here, we fix the parsing code so this can't happen.
----
- source/pdf/pdf-parse.c | 6 ++++++
- source/pdf/pdf-xref.c  | 2 ++
- 2 files changed, 8 insertions(+)
-
-diff --git a/source/pdf/pdf-parse.c b/source/pdf/pdf-parse.c
-index 7abc8c3d4..5761c3351 100644
---- a/source/pdf/pdf-parse.c
-+++ b/source/pdf/pdf-parse.c
-@@ -749,6 +749,12 @@ pdf_parse_ind_obj(fz_context *ctx, pdf_document *doc,
- 		fz_throw(ctx, FZ_ERROR_SYNTAX, "expected generation number (%d ? obj)", num);
- 	}
- 	gen = buf->i;
-+	if (gen < 0 || gen >= 65536)
-+	{
-+		if (try_repair)
-+			*try_repair = 1;
-+		fz_throw(ctx, FZ_ERROR_SYNTAX, "invalid generation number (%d)", gen);
-+	}
- 
- 	tok = pdf_lex(ctx, file, buf);
- 	if (tok != PDF_TOK_OBJ)
-diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c
-index 1b2bdcd59..30197b4b8 100644
---- a/source/pdf/pdf-xref.c
-+++ b/source/pdf/pdf-xref.c
-@@ -1190,6 +1190,8 @@ pdf_read_new_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf)
- 	{
- 		ofs = fz_tell(ctx, doc->file);
- 		trailer = pdf_parse_ind_obj(ctx, doc, doc->file, buf, &num, &gen, &stm_ofs, NULL);
-+		if (num == 0)
-+			fz_throw(ctx, FZ_ERROR_GENERIC, "Trailer object number cannot be 0\n");
- 	}
- 	fz_catch(ctx)
- 	{
--- 
-2.17.1
-
diff --git a/gnu/packages/patches/mupdf-fix-linkage.patch b/gnu/packages/patches/mupdf-fix-linkage.patch
deleted file mode 100644
index 4ffd1c6a77..0000000000
--- a/gnu/packages/patches/mupdf-fix-linkage.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Tobias Geerinckx-Rice <me@tobias.gr>
-Date: Tue, 24 Nov 2020 10:29:28 +0000
-Subject: [PATCH] gnu: mupdf: Fix linkage.
-
-Replace broken linkage to ‘build/shared-release/libmupdf.so’ with the
-proper ‘-L$(libdir) -lmupdf’ incantation, and fix libmupdf.so's mode.
-
---- mupdf-1.18.0-source.org/Makefile
-+++ mupdf-1.18.0-source/Makefile
-@@ -61,7 +61,7 @@
- ifdef RANLIB
-   RANLIB_CMD = $(QUIET_RANLIB) $(RANLIB) $@
- endif
--LINK_CMD = $(QUIET_LINK) $(MKTGTDIR) ; $(CC) $(LDFLAGS) -o $@ $^ $(LIBS)
-+LINK_CMD = $(QUIET_LINK) $(MKTGTDIR) ; $(CC) $(LDFLAGS) -o $@ $(subst $(MUPDF_LIB),-L$(libdir) -L$(OUT) -lmupdf,$^) $(LIBS)
- TAGS_CMD = $(QUIET_TAGS) ctags -R --c-kinds=+p
- WINDRES_CMD = $(QUIET_WINDRES) $(MKTGTDIR) ; $(WINDRES) $< $@
- OBJCOPY_CMD = $(QUIET_OBJCOPY) $(MKTGTDIR) ; $(LD) -r -b binary -z noexecstack -o $@ $<
-@@ -364,7 +364,7 @@ install: libs apps
- 	install -m 644 include/mupdf/pdf/*.h $(DESTDIR)$(incdir)/mupdf/pdf
- 
- 	install -d $(DESTDIR)$(libdir)
--	install -m 644 $(INSTALL_LIBS) $(DESTDIR)$(libdir)
-+	install -m 755 $(INSTALL_LIBS) $(DESTDIR)$(libdir)
- 
- 	install -d $(DESTDIR)$(bindir)
- 	install -m 755 $(TOOL_APPS) $(VIEW_APPS) $(DESTDIR)$(bindir)
diff --git a/gnu/packages/patches/python-peachpy-determinism.patch b/gnu/packages/patches/python-peachpy-determinism.patch
new file mode 100644
index 0000000000..f326a4b6b0
--- /dev/null
+++ b/gnu/packages/patches/python-peachpy-determinism.patch
@@ -0,0 +1,25 @@
+Make PeachPy processes deterministic:
+
+  https://github.com/Maratyszcza/PeachPy/issues/88
+  https://issues.guix.gnu.org/50672
+
+diff --git a/peachpy/name.py b/peachpy/name.py
+index b6a03dc..412079d 100644
+--- a/peachpy/name.py
++++ b/peachpy/name.py
+@@ -86,13 +86,13 @@ def add_scoped_name(self, scoped_name):
+                 self.names[scope_name.name] = scope
+         else:
+             assert scope_name.name is None
+-            self.prenames.setdefault(scope_name.prename, set())
++            self.prenames.setdefault(scope_name.prename, {})
+             if subscoped_name:
+                 for subscope in iter(self.prenames[scope_name.prename]):
+                     if isinstance(subscope, Namespace) and subscope.scope_name is scope_name:
+                         subscope.add_scoped_name(subscoped_name)
+                         return
+-            self.prenames[scope_name.prename].add(scope)
++            self.prenames[scope_name.prename][scope] = None
+ 
+     def assign_names(self):
+         # Step 1: assign names to symbols with prenames with no conflicts
diff --git a/gnu/packages/patches/qemu-fix-agent-paths.patch b/gnu/packages/patches/qemu-fix-agent-paths.patch
new file mode 100644
index 0000000000..bae62fadbf
--- /dev/null
+++ b/gnu/packages/patches/qemu-fix-agent-paths.patch
@@ -0,0 +1,66 @@
+Allow a QEMU host to set the time and shutdown Guix guests.  Styled
+after the patch from the Nix package:
+
+https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/virtualization/qemu/fix-qemu-ga.patch
+
+diff --git a/qga/commands-posix.c b/qga/commands-posix.c
+index 75dbaab..b416b03 100644
+--- a/qga/commands-posix.c
++++ b/qga/commands-posix.c
+@@ -84,6 +84,7 @@ static void ga_wait_child(pid_t pid, int *status, Error **errp)
+ void qmp_guest_shutdown(bool has_mode, const char *mode, Error **errp)
+ {
+     const char *shutdown_flag;
++    const char *command;
+     Error *local_err = NULL;
+     pid_t pid;
+     int status;
+@@ -91,10 +92,13 @@ void qmp_guest_shutdown(bool has_mode, const char *mode, Error **errp)
+     slog("guest-shutdown called, mode: %s", mode);
+     if (!has_mode || strcmp(mode, "powerdown") == 0) {
+         shutdown_flag = "-P";
++        command = "shutdown";
+     } else if (strcmp(mode, "halt") == 0) {
+         shutdown_flag = "-H";
++        command = "halt";
+     } else if (strcmp(mode, "reboot") == 0) {
+         shutdown_flag = "-r";
++        command = "reboot";
+     } else {
+         error_setg(errp,
+                    "mode is invalid (valid values are: halt|powerdown|reboot");
+@@ -109,6 +113,11 @@ void qmp_guest_shutdown(bool has_mode, const char *mode, Error **errp)
+         reopen_fd_to_null(1);
+         reopen_fd_to_null(2);
+ 
++        /* try Guix’s shutdown/halt/reboot first */
++        char *path = g_strdup_printf("/run/current-system/profile/sbin/%s", command);
++        execle(path, command, (char *)NULL, environ);
++        g_free(path);
++
+         execle("/sbin/shutdown", "shutdown", "-h", shutdown_flag, "+0",
+                "hypervisor initiated shutdown", (char *)NULL, environ);
+         _exit(EXIT_FAILURE);
+@@ -158,10 +167,12 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
+     Error *local_err = NULL;
+     struct timeval tv;
+     static const char hwclock_path[] = "/sbin/hwclock";
++    static const char hwclock_path_guix[] = "/run/current-system/profile/sbin/hwclock";
+     static int hwclock_available = -1;
+ 
+     if (hwclock_available < 0) {
+-        hwclock_available = (access(hwclock_path, X_OK) == 0);
++        hwclock_available = (access(hwclock_path_guix, X_OK) == 0) ||
++                            (access(hwclock_path, X_OK) == 0);
+     }
+ 
+     if (!hwclock_available) {
+@@ -207,6 +218,8 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
+ 
+         /* Use '/sbin/hwclock -w' to set RTC from the system time,
+          * or '/sbin/hwclock -s' to set the system time from RTC. */
++        execle(hwclock_path_guix, "hwclock", has_time ? "-w" : "-s",
++               NULL, environ);
+         execle(hwclock_path, "hwclock", has_time ? "-w" : "-s",
+                NULL, environ);
+         _exit(EXIT_FAILURE);
diff --git a/gnu/packages/patches/u-boot-allow-disabling-openssl.patch b/gnu/packages/patches/u-boot-allow-disabling-openssl.patch
new file mode 100644
index 0000000000..e3ec92be84
--- /dev/null
+++ b/gnu/packages/patches/u-boot-allow-disabling-openssl.patch
@@ -0,0 +1,164 @@
+From f060e90d148270307228315e2759a0065ec1d796 Mon Sep 17 00:00:00 2001
+From: Vagrant Cascadian <vagrant@debian.org>
+Date: Fri, 22 Oct 2021 17:34:53 -0700
+Subject: [PATCH] Revert "tools: kwbimage: Do not hide usage of secure header
+ under CONFIG_ARMADA_38X"
+
+This reverts commit b4f3cc2c42d97967a3a3c8796c340f6b07ecccac.
+---
+ tools/Makefile   |  8 ++++++++
+ tools/kwbimage.c | 22 ++++++++++++++++++++++
+ 2 files changed, 30 insertions(+)
+
+diff --git a/tools/Makefile b/tools/Makefile
+index 4a86321f64..9517f203fd 100644
+--- a/tools/Makefile
++++ b/tools/Makefile
+@@ -169,6 +169,14 @@ HOST_EXTRACFLAGS	+= -DCONFIG_FIT_SIGNATURE_MAX_SIZE=0xffffffff
+ HOST_EXTRACFLAGS	+= -DCONFIG_FIT_CIPHER
+ endif
+ 
++ifneq ($(CONFIG_SYS_U_BOOT_OFFS),)
++HOSTCFLAGS_kwbimage.o += -DCONFIG_SYS_U_BOOT_OFFS=$(CONFIG_SYS_U_BOOT_OFFS)
++endif
++
++ifneq ($(CONFIG_ARMADA_38X),)
++HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE
++endif
++
+ # MXSImage needs LibSSL
+ ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_TOOLS_LIBCRYPTO),)
+ HOSTCFLAGS_kwbimage.o += \
+diff --git a/tools/kwbimage.c b/tools/kwbimage.c
+index d200ff2425..23d6be3c9a 100644
+--- a/tools/kwbimage.c
++++ b/tools/kwbimage.c
+@@ -14,6 +14,7 @@
+ #include <stdint.h>
+ #include "kwbimage.h"
+ 
++#ifdef CONFIG_KWB_SECURE
+ #include <openssl/bn.h>
+ #include <openssl/rsa.h>
+ #include <openssl/pem.h>
+@@ -39,10 +40,13 @@ void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+ 	EVP_MD_CTX_reset(ctx);
+ }
+ #endif
++#endif
+ 
+ static struct image_cfg_element *image_cfg;
+ static int cfgn;
++#ifdef CONFIG_KWB_SECURE
+ static int verbose_mode;
++#endif
+ 
+ struct boot_mode {
+ 	unsigned int id;
+@@ -237,6 +241,8 @@ image_count_options(unsigned int optiontype)
+ 	return count;
+ }
+ 
++#if defined(CONFIG_KWB_SECURE)
++
+ static int image_get_csk_index(void)
+ {
+ 	struct image_cfg_element *e;
+@@ -259,6 +265,8 @@ static bool image_get_spezialized_img(void)
+ 	return e->sec_specialized_img;
+ }
+ 
++#endif
++
+ /*
+  * Compute a 8-bit checksum of a memory area. This algorithm follows
+  * the requirements of the Marvell SoC BootROM specifications.
+@@ -353,6 +361,7 @@ static uint8_t baudrate_to_option(unsigned int baudrate)
+ 	}
+ }
+ 
++#if defined(CONFIG_KWB_SECURE)
+ static void kwb_msg(const char *fmt, ...)
+ {
+ 	if (verbose_mode) {
+@@ -847,6 +856,8 @@ done:
+ 	return ret;
+ }
+ 
++#endif
++
+ static void *image_create_v0(size_t *imagesz, struct image_tool_params *params,
+ 			     int payloadsz)
+ {
+@@ -977,11 +988,13 @@ static size_t image_headersz_v1(int *hasext)
+ 			*hasext = 1;
+ 	}
+ 
++#if defined(CONFIG_KWB_SECURE)
+ 	if (image_get_csk_index() >= 0) {
+ 		headersz += sizeof(struct secure_hdr_v1);
+ 		if (hasext)
+ 			*hasext = 1;
+ 	}
++#endif
+ 
+ 	/*
+ 	 * The payload should be aligned on some reasonable
+@@ -1058,6 +1071,8 @@ err_close:
+ 	return -1;
+ }
+ 
++#if defined(CONFIG_KWB_SECURE)
++
+ int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
+ {
+ 	FILE *hashf;
+@@ -1170,6 +1185,7 @@ int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
+ 
+ 	return 0;
+ }
++#endif
+ 
+ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 			     uint8_t *ptr, int payloadsz)
+@@ -1177,7 +1193,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 	struct image_cfg_element *e;
+ 	struct main_hdr_v1 *main_hdr;
+ 	struct register_set_hdr_v1 *register_set_hdr;
++#if defined(CONFIG_KWB_SECURE)
+ 	struct secure_hdr_v1 *secure_hdr = NULL;
++#endif
+ 	size_t headersz;
+ 	uint8_t *image, *cur;
+ 	int hasext = 0;
+@@ -1253,6 +1271,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 	if (main_hdr->blockid == IBR_HDR_PEX_ID)
+ 		main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
+ 
++#if defined(CONFIG_KWB_SECURE)
+ 	if (image_get_csk_index() >= 0) {
+ 		/*
+ 		 * only reserve the space here; we fill the header later since
+@@ -1263,6 +1282,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 		*next_ext = 1;
+ 		next_ext = &secure_hdr->next;
+ 	}
++#endif
+ 
+ 	datai = 0;
+ 	register_set_hdr = (struct register_set_hdr_v1 *)cur;
+@@ -1310,9 +1330,11 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 			return NULL;
+ 	}
+ 
++#if defined(CONFIG_KWB_SECURE)
+ 	if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz,
+ 					       headersz, image, secure_hdr))
+ 		return NULL;
++#endif
+ 
+ 	/* Calculate and set the header checksum */
+ 	main_hdr->checksum = image_checksum8(main_hdr, headersz);
+-- 
+2.30.2
+
diff --git a/gnu/packages/patches/udiskie-no-appindicator.patch b/gnu/packages/patches/udiskie-no-appindicator.patch
deleted file mode 100644
index df3efe104b..0000000000
--- a/gnu/packages/patches/udiskie-no-appindicator.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-Remove the support for Unity's appindicator.
-
-diff -Naur udiskie-2.0.4/completions/zsh/_udiskie udiskie-2.0.4-new/completions/zsh/_udiskie
---- udiskie-2.0.4/completions/zsh/_udiskie	2020-01-21 01:12:40.000000000 +0100
-+++ udiskie-2.0.4-new/completions/zsh/_udiskie	2020-01-23 10:15:46.956141667 +0100
-@@ -18,8 +18,6 @@
-     '(-a)'{-A,--no-automount}"[disable automounting]"
-     '(-N)'{-n,--notify}"[show popup notifications]"
-     '(-n)'{-N,--no-notify}"[disable notifications]"
--    '(--no-appindicator)'--appindicator"[use appindicator for status icon]"
--    '(--appindicator)'--no-appindicator"[don't use appindicator]"
-     '(-T -s)'{-t,--tray}"[show tray icon]"
-     '(-T -t)'{-s,--smart-tray}"[auto hide tray icon]"
-     '(-t -s)'{-T,--no-tray}"[disable tray icon]"
-diff -Naur udiskie-2.0.4/doc/udiskie.8.txt udiskie-2.0.4-new/doc/udiskie.8.txt
---- udiskie-2.0.4/doc/udiskie.8.txt	2020-01-21 01:12:40.000000000 +0100
-+++ udiskie-2.0.4-new/doc/udiskie.8.txt	2020-01-23 10:16:12.636290647 +0100
-@@ -92,12 +92,6 @@
- *--no-terminal*::
- 	Disable terminal action.
- 
--*--appindicator*::
--	Use AppIndicator3 for the status icon. Use this on Ubuntu/Unity if no icon is shown.
--
--*--no-appindicator*::
--	Use Gtk.StatusIcon for the status icon (default).
--
- *--password-cache MINUTES*::
- 	Cache passwords for LUKS partitions and set the timeout.
- 
-diff -Naur udiskie-2.0.4/udiskie/appindicator.py udiskie-2.0.4-new/udiskie/appindicator.py
---- udiskie-2.0.4/udiskie/appindicator.py	2020-01-21 01:12:40.000000000 +0100
-+++ udiskie-2.0.4-new/udiskie/appindicator.py	1970-01-01 01:00:00.000000000 +0100
-@@ -1,61 +0,0 @@
--"""
--Status icon using AppIndicator3.
--"""
--
--from gi.repository import Gtk
--from gi.repository import AppIndicator3
--
--from .async_ import Future
--
--
--class AppIndicatorIcon:
--
--    """
--    Show status icon using AppIndicator as backend. Replaces
--    `udiskie.tray.StatusIcon` on ubuntu/unity.
--    """
--
--    def __init__(self, menumaker, _icons):
--        self._maker = menumaker
--        self._menu = Gtk.Menu()
--        self._indicator = AppIndicator3.Indicator.new(
--            'udiskie',
--            _icons.get_icon_name('media'),
--            AppIndicator3.IndicatorCategory.HARDWARE)
--        self._indicator.set_status(AppIndicator3.IndicatorStatus.PASSIVE)
--        self._indicator.set_menu(self._menu)
--        # Get notified before menu is shown, see:
--        # https://bugs.launchpad.net/screenlets/+bug/522152/comments/15
--        dbusmenuserver = self._indicator.get_property('dbus-menu-server')
--        self._dbusmenuitem = dbusmenuserver.get_property('root-node')
--        self._conn = self._dbusmenuitem.connect('about-to-show', self._on_show)
--        self.task = Future()
--        menumaker._quit_action = self.destroy
--        # Populate menu initially, so libdbusmenu does not ignore the
--        # 'about-to-show':
--        self._maker(self._menu)
--
--    def destroy(self):
--        self.show(False)
--        self._dbusmenuitem.disconnect(self._conn)
--        self.task.set_result(True)
--
--    @property
--    def visible(self):
--        status = self._indicator.get_status()
--        return status == AppIndicator3.IndicatorStatus.ACTIVE
--
--    def show(self, show=True):
--        if show == self.visible:
--            return
--        status = (AppIndicator3.IndicatorStatus.ACTIVE if show else
--                  AppIndicator3.IndicatorStatus.PASSIVE)
--        self._indicator.set_status(status)
--
--    def _on_show(self, menu):
--        # clear menu:
--        for item in self._menu.get_children():
--            self._menu.remove(item)
--        # repopulate:
--        self._maker(self._menu)
--        self._menu.show_all()
-diff -Naur udiskie-2.0.4/udiskie/cli.py udiskie-2.0.4-new/udiskie/cli.py
---- udiskie-2.0.4/udiskie/cli.py	2020-01-21 01:12:40.000000000 +0100
-+++ udiskie-2.0.4-new/udiskie/cli.py	2020-01-23 10:17:13.064810617 +0100
-@@ -287,9 +287,6 @@
-         -T, --no-tray                           Disable tray icon
-         -m MENU, --menu MENU                    Tray menu [flat/nested]
- 
--        --appindicator                          Use appindicator for status icon
--        --no-appindicator                       Don't use appindicator
--
-         --password-cache MINUTES                Set password cache timeout
-         --no-password-cache                     Disable password cache
- 
-@@ -312,7 +309,6 @@
-         'notify': True,
-         'tray': False,
-         'menu': 'flat',
--        'appindicator': False,
-         'file_manager': 'xdg-open',
-         'terminal': '',
-         'password_prompt': 'builtin:gui',
-@@ -328,7 +324,6 @@
-             '--no-tray': False,
-             '--smart-tray': 'auto'}),
-         'menu': Value('--menu'),
--        'appindicator': Switch('appindicator'),
-         'file_manager': OptionalValue('--file-manager'),
-         'password_prompt': OptionalValue('--password-prompt'),
-         'password_cache': OptionalValue('--password-cache'),
-@@ -459,11 +454,7 @@
- 
-         menu_maker = udiskie.tray.UdiskieMenu(self, icons, actions, flat,
-                                               config.quickmenu_actions)
--        if options['appindicator']:
--            import udiskie.appindicator
--            TrayIcon = udiskie.appindicator.AppIndicatorIcon
--        else:
--            TrayIcon = udiskie.tray.TrayIcon
-+        TrayIcon = udiskie.tray.TrayIcon
-         trayicon = TrayIcon(menu_maker, icons)
-         return udiskie.tray.UdiskieStatusIcon(trayicon, menu_maker, smart)
- 
-diff -Naur udiskie-2.0.4/udiskie.egg-info/SOURCES.txt udiskie-2.0.4-new/udiskie.egg-info/SOURCES.txt
---- udiskie-2.0.4/udiskie.egg-info/SOURCES.txt	2020-01-21 01:12:41.000000000 +0100
-+++ udiskie-2.0.4-new/udiskie.egg-info/SOURCES.txt	2020-01-23 10:17:50.657205798 +0100
-@@ -25,7 +25,6 @@
- test/test_cache.py
- test/test_match.py
- udiskie/__init__.py
--udiskie/appindicator.py
- udiskie/async_.py
- udiskie/automount.py
- udiskie/cache.py
-@@ -47,4 +46,4 @@
- udiskie.egg-info/entry_points.txt
- udiskie.egg-info/requires.txt
- udiskie.egg-info/top_level.txt
--udiskie.egg-info/zip-safe
-\ Pas de fin de ligne à la fin du fichier
-+udiskie.egg-info/zip-safe
diff --git a/gnu/packages/patches/zig-disable-libc-note-test.patch b/gnu/packages/patches/zig-disable-libc-note-test.patch
new file mode 100644
index 0000000000..4d76139efb
--- /dev/null
+++ b/gnu/packages/patches/zig-disable-libc-note-test.patch
@@ -0,0 +1,31 @@
+This test fails with "error.CompilationIncorrectlySucceeded".
+
+diff --git a/test/compile_errors.zig b/test/compile_errors.zig
+index fd1255c..20d5548 100644
+--- a/test/compile_errors.zig
++++ b/test/compile_errors.zig
+@@ -2751,15 +2751,15 @@ pub fn addCases(cases: *tests.CompileErrorContext) void {
+             "tmp.zig:3:5: error: dependency on libc must be explicitly specified in the build command",
+         });
+
+-        cases.addTest("libc headers note",
+-            \\const c = @cImport(@cInclude("stdio.h"));
+-            \\export fn entry() void {
+-            \\    _ = c.printf("hello, world!\n");
+-            \\}
+-        , &[_][]const u8{
+-            "tmp.zig:1:11: error: C import failed",
+-            "tmp.zig:1:11: note: libc headers not available; compilation does not link against libc",
+-        });
++//        cases.addTest("libc headers note",
++//            \\const c = @cImport(@cInclude("stdio.h"));
++//            \\export fn entry() void {
++//            \\    _ = c.printf("hello, world!\n");
++//            \\}
++//        , &[_][]const u8{
++//            "tmp.zig:1:11: error: C import failed",
++//            "tmp.zig:1:11: note: libc headers not available; compilation does not link against libc",
++//        });
+     }
+
+     cases.addTest("comptime vector overflow shows the index",
diff --git a/gnu/packages/patches/zig-use-system-paths.patch b/gnu/packages/patches/zig-use-system-paths.patch
new file mode 100644
index 0000000000..33b7da1e0d
--- /dev/null
+++ b/gnu/packages/patches/zig-use-system-paths.patch
@@ -0,0 +1,143 @@
+This patch replaces the OS-specific detection mechanism by one that solely
+relies on environment variables.  This has the benefit that said environment
+variables can be used as search paths in Guix.
+
+Index: zig-0.8.1/lib/std/zig/system.zig
+===================================================================
+--- zig-0.8.1.orig/lib/std/zig/system.zig
++++ zig-0.8.1/lib/std/zig/system.zig
+@@ -39,101 +39,57 @@ pub const NativePaths = struct {
+         };
+         errdefer self.deinit();
+
+-        var is_nix = false;
+-        if (process.getEnvVarOwned(allocator, "NIX_CFLAGS_COMPILE")) |nix_cflags_compile| {
+-            defer allocator.free(nix_cflags_compile);
+-
+-            is_nix = true;
+-            var it = mem.tokenize(nix_cflags_compile, " ");
++        // TODO: Support cross-compile paths?
++        if (process.getEnvVarOwned(allocator, "C_INCLUDE_PATH")) |c_include_path| {
++            defer allocator.free(c_include_path);
++            var it = mem.tokenize(c_include_path, ":");
+             while (true) {
+-                const word = it.next() orelse break;
+-                if (mem.eql(u8, word, "-isystem")) {
+-                    const include_path = it.next() orelse {
+-                        try self.addWarning("Expected argument after -isystem in NIX_CFLAGS_COMPILE");
+-                        break;
+-                    };
+-                    try self.addIncludeDir(include_path);
+-                } else {
+-                    if (mem.startsWith(u8, word, "-frandom-seed=")) {
+-                        continue;
+-                    }
+-                    try self.addWarningFmt("Unrecognized C flag from NIX_CFLAGS_COMPILE: {s}", .{word});
+-                }
++                const dir = it.next() orelse break;
++                try self.addIncludeDir(dir);
+             }
+         } else |err| switch (err) {
+             error.InvalidUtf8 => {},
+             error.EnvironmentVariableNotFound => {},
+             error.OutOfMemory => |e| return e,
+         }
+-        if (process.getEnvVarOwned(allocator, "NIX_LDFLAGS")) |nix_ldflags| {
+-            defer allocator.free(nix_ldflags);
+
+-            is_nix = true;
+-            var it = mem.tokenize(nix_ldflags, " ");
++        if (process.getEnvVarOwned(allocator, "CPLUS_INCLUDE_PATH")) |cplus_include_path| {
++            defer allocator.free(cplus_include_path);
++            var it = mem.tokenize(cplus_include_path, ":");
+             while (true) {
+-                const word = it.next() orelse break;
+-                if (mem.eql(u8, word, "-rpath")) {
+-                    const rpath = it.next() orelse {
+-                        try self.addWarning("Expected argument after -rpath in NIX_LDFLAGS");
+-                        break;
+-                    };
+-                    try self.addRPath(rpath);
+-                } else if (word.len > 2 and word[0] == '-' and word[1] == 'L') {
+-                    const lib_path = word[2..];
+-                    try self.addLibDir(lib_path);
+-                } else {
+-                    try self.addWarningFmt("Unrecognized C flag from NIX_LDFLAGS: {s}", .{word});
+-                    break;
+-                }
++                const dir = it.next() orelse break;
++                try self.addIncludeDir(dir);
+             }
+         } else |err| switch (err) {
+             error.InvalidUtf8 => {},
+             error.EnvironmentVariableNotFound => {},
+             error.OutOfMemory => |e| return e,
+         }
+-        if (is_nix) {
+-            return self;
+-        }
+-
+-        if (comptime Target.current.isDarwin()) {
+-            try self.addIncludeDir("/usr/include");
+-            try self.addIncludeDir("/usr/local/include");
+
+-            try self.addLibDir("/usr/lib");
+-            try self.addLibDir("/usr/local/lib");
+-
+-            try self.addFrameworkDir("/Library/Frameworks");
+-            try self.addFrameworkDir("/System/Library/Frameworks");
+-
+-            return self;
++        if (process.getEnvVarOwned(allocator, "LIBRARY_PATH")) |library_path| {
++            defer allocator.free(library_path);
++            var it = mem.tokenize(library_path, ":");
++            while (true) {
++                const dir = it.next() orelse break;
++                try self.addLibDir(dir);
++            }
++        } else |err| switch (err) {
++            error.InvalidUtf8 => {},
++            error.EnvironmentVariableNotFound => {},
++            error.OutOfMemory => |e| return e,
+         }
+
+-        if (native_target.os.tag != .windows) {
+-            const triple = try native_target.linuxTriple(allocator);
+-            const qual = native_target.cpu.arch.ptrBitWidth();
+-
+-            // TODO: $ ld --verbose | grep SEARCH_DIR
+-            // the output contains some paths that end with lib64, maybe include them too?
+-            // TODO: what is the best possible order of things?
+-            // TODO: some of these are suspect and should only be added on some systems. audit needed.
+-
+-            try self.addIncludeDir("/usr/local/include");
+-            try self.addLibDirFmt("/usr/local/lib{d}", .{qual});
+-            try self.addLibDir("/usr/local/lib");
+-
+-            try self.addIncludeDirFmt("/usr/include/{s}", .{triple});
+-            try self.addLibDirFmt("/usr/lib/{s}", .{triple});
+-
+-            try self.addIncludeDir("/usr/include");
+-            try self.addLibDirFmt("/lib{d}", .{qual});
+-            try self.addLibDir("/lib");
+-            try self.addLibDirFmt("/usr/lib{d}", .{qual});
+-            try self.addLibDir("/usr/lib");
+-
+-            // example: on a 64-bit debian-based linux distro, with zlib installed from apt:
+-            // zlib.h is in /usr/include (added above)
+-            // libz.so.1 is in /lib/x86_64-linux-gnu (added here)
+-            try self.addLibDirFmt("/lib/{s}", .{triple});
++        if (process.getEnvVarOwned(allocator, "DYLD_FRAMEWORK_PATH")) |dyld_framework_path| {
++            defer allocator.free(dyld_framework_path);
++            var it = mem.tokenize(dyld_framework_path, ":");
++            while (true) {
++                const dir = it.next() orelse break;
++                try self.addFrameworkDir(dir);
++            }
++        } else |err| switch (err) {
++            error.InvalidUtf8 => {},
++            error.EnvironmentVariableNotFound => {},
++            error.OutOfMemory => |e| return e,
+         }
+
+         return self;