06 Jul 2026
Planet KDE | English
Week 4 + Week 5 GSoC update | Almost had a heart attack
Ok, the title is slightly click-baity but hear me out.
So nearly 2 weeks ago, after writing a lot of code for making the font subsetting work for annotations, I found a flaw in my approach.
I was never deleting the old original font after embedding it's subset version.
So what happened is that:
- Suppose a user creates a new annotation in an empty PDF.
- The subsetted font gets embedded and used in the PDF.
- But the original font stays there, taking space.
This is actually slightly worse than when we had no subsetting at all.
So the solution should just be to delete the original font right? Nope
If we simply delete the original font, it would create the following problem:
- Suppose a PDF with two annotations pointing / using the same font.
- User edits the 1st annotation.
- 1st annotation uses the subset font, and the old font gets deleted from the PDF.
- The 2nd annotation is rendered useless.
When I realized this, I thought I would need to completely change how I do subsetting, and almost all the code I had written will go to waste.
My new idea was to never let the full version of a font to exist inside the PDF. What I mean is subsetting immediately when the font is loaded from the disk and is about to be embedded as a Font object.
But I had a meeting with my mentor Albert Astals Cid yesterday, and we decided to settle on a simpler approach. We can simply detect if the font we want to delete is:- a font we added ourselves or a pre-existing font inside the PDF.
If we added it ourselves, we can safely remove it. Otherwise, let it stay there as it might be in use by other annotations.
I implemented it today, and we have working font subsetting for freetext annotations right now (not merged).
https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/2220
A simple size experiment
Here's a simple experiment which demonstrates the impact of font subsetting on PDF file size:
Original file size: 105820 bytes = 105.82 KB
After adding an annotation with content "hello world":
Poppler without font subsetting: 504699 bytes = 504.699 KB
Poppler with font subsetting: 145806 bytes = 145.806 KB
That's like a 500% improvement...
What's next
- Right now, I only do the subsetting for ttf/otf fonts and not for ttc fonts. I need to do that.
- I need to make the subsetting work for forms as well.
Thank You
Good Night!
06 Jul 2026 6:46pm GMT
Kdenlive 26.04.3 released
The last maintenance release of the 26.04 series is out, bringing the usual batch of bug fixes and workflow and stability improvements. Highlights include fixes for crashes when undoing sequence creation and recording audio without an audio device, as well as improvements to Rectangular Alpha Mask and Rotoscoping effects. This release also continues the security hardening efforts of this cycle by preventing unwanted command execution on MLT versions below 7.40.
For the full changelog continue reading on kdenlive.org.
06 Jul 2026 1:15pm GMT
Week 6: Gradient Widget Wired to Qt-Color-Widgets
This is a weekly update from my Google Summer of Code 2026 project with KDE, improving effect widgets in Kdenlive, a free and open source video editor.
Gradient widget: switched to Qt-Color-Widgets
Julius Künzel suggested last week that the Gradient widget be built with an eye toward upstreaming to KDE Frameworks, pointing to Qt-Color-Widgets's GradientEditor class as a reference. It's already vendored inside MLT's Glaxnimate module, so this week I wired it in directly instead of maintaining a fully custom-painted widget.
The vendored color_widgets::GradientEditor gives a native-styled gradient bar with checkerboard alpha preview, drag-and-drop stop reordering, and its own color dialog, all for free.
Fixing undo-stack behavior
The library only emits stopsChanged on completed actions (mouse release, menu add/remove, dialog accept), not per-pixel during drags. That meant two bugs: every plain click created a junk undo-stack entry, and drags had no live preview on the monitor at all.
Fixed with three pieces:
commitStops()emitsvalueChanged(..., true)only when the serialized value actually changed- An
eventFilteremitsvalueChanged(..., false)during drag moves, for live monitor preview - An echo-guard in
slotRefresh()ignores the model value coming back from our own emit; without it, the synchronous refresh resets the editor's selection and kills the drag mid-motion
32-stop cap
MLT's gradientmap filter supports stop.1 through stop.32. The library has no pre-add hook to reject a 33rd stop, so commitStops() rejects after the fact: the just-added stop gets removed and the editor reset under a signal blocker, with no undo entry created. gradientStopsFromString() also truncates at 32 on load, so an over-long saved value can't smuggle in extra stops. Exposed as GradientEditWidget::MaxStops.
Build: configurable vendor path
The path to Qt-Color-Widgets was previously hardcoded assuming a sibling MLT checkout. Replaced with a KDENLIVE_QTCOLORWIDGETS_PATH CMake cache variable; same default, overridable with -D, and a missing path is now a fatal configure error instead of a silent skip that only surfaced at compile time.
Tests
gradienteditwidgettest.cpp now covers a full widget-interaction path with a real timeline document and synthesized mouse events: a plain click produces zero undo entries, a drag produces two preview emissions plus exactly one committed undo entry, and adding a 33rd stop is rejected with the editor staying at 32. All 5 test cases pass, 62 assertions.
What's next
Four commits are done locally (gradient widget + CMake + tests, plus two unrelated Qt 6.10 compat fixes found along the way), but nothing's pushed yet. Waiting on Jean-Baptiste to confirm this is the direction to commit to before opening an MR.
06 Jul 2026 10:20am GMT
05 Jul 2026
Planet KDE | English
KDE Gear 26.08 branches created
Make sure you commit anything you want to end up in the KDE Gear 26.08 releases to them
Next Dates:
- July 16, 2026, 23:59 UTC: 26.08 Freeze and Beta (26.07.80) tarball creation
- July 17 2026: 26.08 Beta (26.07.80) release
- July 30, 2026, 23:59 UTC: 26.08 RC (26.07.90) tarball creation
- July 31, 2026: 26.08 RC (26.07.90) Release
- August 13, 2026, 23:59 UTC: 26.08 tarball creation
- August 14, 2026: 26.08 packages released to packagers
- August 20, 2026: 26.08 Release
https://community.kde.org/Schedules/KDE_Gear_26.08_Schedule
05 Jul 2026 10:22pm GMT
Rolisteam v1.10 is out!
After a long development cycle, we are thrilled to announce the official release of Rolisteam v1.10. This version brings a wave of brand-new tools for Game Masters, a major technical overhaul of the whole project, and a much healthier codebase for the years to come.
Download it now: https://rolisteam.org/02_download/
What's new
Mind maps
Rolisteam now embeds a full mind-map editor, letting you sketch out plots, NPC relationships, or campaign notes visually, right next to your other campaign tools.
Watch it in action: https://youtu.be/3dkokPLlre8
Documentation: https://doc.rolisteam.org/21_mindmap/
3D dice, powered by a physics engine
Rolling dice has never been more satisfying. The new 3D dice roller uses a real physics engine to simulate dice tumbling and bouncing, giving your rolls a tactile, tabletop feel.
Watch it in action: https://youtu.be/d18iqq4eNFw
Documentation: https://doc.rolisteam.org/34_dice3d/
A new interface for instant messaging
The instant messaging panel has been redesigned from the ground up for better readability and a smoother chat experience during your sessions.
Watch it in action: https://youtu.be/t8iAKKfH2E4
Documentation: https://doc.rolisteam.org/07_chat/
Antagonist panel
A brand-new Antagonist panel lets you list and manage all the NPCs of your campaign in one place, with search and filtering options to quickly find the antagonist you need, right when you need it.
Watch it in action: https://youtu.be/CKDvFuruCwE
Documentation: https://doc.rolisteam.org/07_antagonist/
A new connection profile selection dialog
Choosing and managing your connection profiles is now easier thanks to a completely reworked selection dialog.
Watch it in action: https://youtu.be/BJ0_8XG9NQc
Documentation: https://doc.rolisteam.org/03_firststeps/
Improvements
Battle maps
- New, streamlined toolbar for the vectorial map (VMap).
- Full light and shadow management, including support for multiple light sources, adjustable light radius, and network synchronization of lights.
- New shadow casting from walls, computed via raycasting, for more realistic fog-of-war and line-of-sight.
- Various improvements to zoom, item resizing, drag-and-drop from the media panel, and undo/redo reliability.
Watch it in action: https://youtu.be/RtnZxa5HjAQ
Documentation: https://doc.rolisteam.org/05_vectorialmap/
Character sheet
- Reworked tables for a more flexible and reliable layout.
- Dice commands can now be written directly in the sheet's code.
- New buttons to navigate to the next/previous page of a multi-page sheet.
- Automatic sharing
- RCSE: Auto filler dialog
- RCSE: New way to generate code
Watch it in action: https://youtu.be/343vYAqrui8
Documentation: https://doc.rolisteam.org/06_charactersheet/
PDF viewer
The built-in PDF viewer, used for sharing handouts and rulebook excerpts with your players, has also received its share of polish this release.
Watch it in action: https://youtu.be/rRrQwUmLUp0
Documentation: https://doc.rolisteam.org/20_pdf/
Translations
Thanks to the KDE translation teams, Rolisteam is now available in even more languages, with existing translations kept up to date release after release.
Refactoring
Under the hood, this release is the result of a massive modernization effort:
- Port to Qt 6 - the entire codebase now runs on the Qt 6 framework.
- Build system switched to CMake, replacing the previous qmake-based setup.
- Websites migrated from self-hosting to KDE's infrastructure.
- Websites migrated from the Pelican generator to Hugo.
- Source hosting moved from GitHub to KDE's GitLab.
Quality
Code quality and long-term maintainability were a major focus of this release:
- 70% of the code is now covered by unit tests.
- An extensive suite of validation tests now runs continuously to catch regressions early.
- Dedicated test coverage was added for the mind-map, the character sheet, translations, and the network layer.
- Continuous integration now tracks code coverage on every change.
A huge thank you
This release wouldn't have been possible without the community, the KDE translation teams, and everyone who reported bugs, tested pre-releases, and contributed code. Thank you!
Download Rolisteam v1.10 now: https://rolisteam.org/02_download/
05 Jul 2026 2:22pm GMT
KDE snaps, Debian packaging adventures, and what's next
Updated KDE content snaps with Qt 6.11.1, KF6 6.27.0, and Applications 26.04.3, critical bug fixes, Debian packaging of Rust crates for Plasma 6.7.0, and what's on the horizon.
05 Jul 2026 12:00am GMT
04 Jul 2026
Planet KDE | English
This Week in Plasma: Better Animations
Welcome to a new issue of This Week in Plasma!
This week Plasma 6.7 received a few more stabilization bug-fixes while attention turned towards the upcoming 6.8 release. Some exciting changes are in progress, and a few have already merged, including highly visible improvements to some common animations.
Check it out!
Notable new features
Plasma 6.8
Updated the Emoji Selector app to version 17 of the Unicode emoji standard, giving you access to derpy new emojis like "️". (Jens Jerosch, plasma-desktop MR #3849)

Notable UI improvements
Plasma 6.7.2
Moved the global "Move Mouse to Focus" and "Move Mouse to Center" actions out of the Zoom effect, so they still work even if you've globally disabled the Zoom effect. (Vlad Zahorodnii, KDE Bugzilla #522070)
Plasma 6.7.3
Made KRunner's Bookmarks search provider return results for 2-character queries (so it will match "Qt", for example), and use fewer system resources. (Kai Uwe Broulik, plasma-workspace MR #6764)
The Clipboard widget's Actions Configuration page now uses better internal margins for the content. (Levi Leal, plasma-workspace MR #6779)
Plasma 6.8
The "Bouncing app icon" launch feedback style now uses a more visually pleasing animation with a better physics model, a more appropriate easing curve, and a higher frame-rate. (The Entropyist, kwin MR #9487)
The new sliding animation for notifications now uses a more natural easing curve, so it looks even better than it already did! (Thomas Duckworth, KDE Bugzilla #522276)
There's no longer a secret keyboard shortcut (previously Meta+Ctrl+x) that turns on clipboard actions. This was easy to press by accident, and would then make weird popups appear when you copied URLs. (Tobias Fella, plasma-workspace MR #6773)
The Digital Clock widget now requests "tabular numerals", which are monospaced digits supported by some fonts. The use of these numerals prevents the clock from changing its width as time passed in a few edge cases where the existing code to prevent that wasn't good enough. (Christoph Wolk, plasma-workspace MR #6797)
Discover's old "CD and DVD" category is now named "Disc Burning", because that's what apps expect it to be, which explains why it only contained disc burning apps. (Nate Graham, discover MR #1350)
And before you ask: no, we couldn't instead change the category to include all apps related to CDs and DVDs, because it's a standard category governed by a FreeDesktop spec, and to do that, we'd need a new one.
Info Center's Memory page now shows a busy indicator if it takes more than a moment to load. (Kai Uwe Broulik, kinfocenter MR #305)
You can now more easily find the System Settings page responsible for the "press and hold a key to see alternative characters" popup, to turn it on or off or change the delay before it appears. (Kristen McWilliam, plasma-keyboard MR #154)
The DrKonqi crash reporting wizard now tells you when it's safe to close the window. (Antti Savolainen, drkonqi MR #397)
Notable bug fixes
Plasma 6.6.6
Hardened the Task Manager widget against maliciously-crafted .desktop files for apps. (David Edmundson, plasma-workspace MR #6817)
Hardened the ksystemstats_intel_helper process against path traversal attacks. (Matthias Gerstner, ksystemstats MR #141)
Plasma 6.7.2
Fixed a recent regression that made certain screens incorrectly notify about being disconnected and re-connected in a loop after they went to sleep. (Xaver Hugl, KDE Bugzilla #521826)
Fixed a recent regression that produced corrupted visuals on some rotated screens and with some older AMD GPUs. (Xaver Hugl, KDE Bugzilla #521878 and KDE Bugzilla #521764)
Fixed a recent regression that broke the ability to drag desktop files and folders between screens. (Marco Martin, KDE Bugzilla #521713)
Fixed a recent regression that made SDR content look a bit de-saturated for some screens while in HDR mode. (Xaver Hugl, KDE Bugzilla #521759)
Fixed a recent regression that made certain ICC profiles show the wrong colors. (Xaver Hugl, KDE Bugzilla #522301)
Fixed a recent regression that made KWin lag and hang when playing certain poorly-optimized games via Proton. (Vlad Zahorodnii, KDE Bugzilla #522005)
The implementation of the new "press and hold for alternative characters" feature now prioritizes compatibility for apps, fixing a massive number of bugs. (Kristen McWilliam, plasma-keyboard MR #152)
The new Vietnamese calendar now shows the correct dates. (Trần Nam Tuấn, KDE Bugzilla #522099)
The new feature to show how much earlier or later a time zone is than your current one now correctly calculates the value for time zones with a half-hour offset that are earlier than your local time zone. Time is hard. (Michael Kohl, KDE Bugzilla #522037)
Forcing the use of the software pointer no longer makes it disappear when a window pushes a panel in "Dodge Windows" mode into its hidden state. (Xaver Hugl, KDE Bugzilla #521953)
The Mouse page in System Settings no longer shows layout glitches in X11. (Marco Martin, KDE Bugzilla #521992)
Text on the Networks widget's Details tab can no longer visually overflow when it's really long. (Manuel Alcaraz, KDE Bugzilla #522333)
Plasma 6.7.3
The "Kameleon" system service is now disabled by default, which prevents it from applying a color to your keyboard's backlit keys even if the feature to apply colors to RGB keyboard backlighting is disabled. The context here is that we added support for the Steam Machine's LED strip, and this also made it work for many keyboards, but exposed a pre-existing bug. (Oliver Beard, KDE Bugzilla #521793)
Spectacle no longer includes the tooltip showing image dimensions in the final screenshot if you accept a rectangular region by double-clicking it. (Noah Davis, KDE Bugzilla #513715)
Plasma 6.8
Fixed the most common crash in Plasma, which could happen once in a while when using multiple screens. (Marco Martin, KDE Bugzilla #500044)
Minimizing the window of an RDP client no longer stops the video stream. (Shouvik Kar, KDE Bugzilla #497765)
Frameworks 6.28
XWayland-using apps no longer start to behave in a couple of weird and quirky ways after XWayland itself crashes and restarts. (Vlad Zahorodnii, kwindowsystem MR #220)
Notable in performance & technical
Plasma 6.7.3
Fixed a recent performance regression that increased KWin's CPU usage on some Intel systems using atomic mode-setting. (Xaver Hugl, KDE Bugzilla #522075)
Plasma 6.8
Implemented support for version 1.6 of the Emulated Input system. (David Edmundson, kwin MR #9112)
KWin now internally only uses OpenGL ES, which ensures that it will always be working since everyone will be using it - at least until Vulkan support is farther along. OpenGL ES is necessary for some old GPUs and turns out to be sufficient for everything KWin needs anyway, so we don't anticipate any downsides from this change. (Xaver Hugl, kwin MR #9488)
How you can help
KDE has become important in the world, and your time and contributions have helped us get there. As we grow, we need your support to keep KDE sustainable.
Would you like to help put together this weekly report? Introduce yourself in the Matrix room and join the team!
Beyond that, you can help KDE by directly getting involved in any other projects. Donating time is actually more impactful than donating money. Each contributor makes a huge difference in KDE - you are not a number or a cog in a machine! You don't have to be a programmer, either; many other opportunities exist.
You can also help out by making a donation! This helps cover operational costs, salaries, travel expenses for contributors, and in general just keeps KDE bringing Free Software to the world.
To get a new Plasma feature or a bug fix mentioned here
Push a commit to the relevant merge request on invent.kde.org.
04 Jul 2026 12:00am GMT
03 Jul 2026
Planet KDE | English
Tellico 4.2.1 Released
Tellico 4.2.1 is available, with some improvements and bug fixes.
Improvements:
- Added user-defined data fetch argument (Bug 516055).
- Updated Google Scholar and Colnect data sources.
- Updated Google Books data source (Bug 522095).
- Updated external data source to allow termination by user (Bug 516057).
- Updated to allow multiple ISBN values (Bug 521157).
- Updated Album template to hide empty track tables and use loan information.
- Increased minimum image reader memory limit.
Bug Fixes:
- Fixed bug with exporting linked images (Bug 522094).
- Fixed bug with parsing field names with emoji (Bug 521148).
03 Jul 2026 4:55pm GMT
Web Review, Week 2026-27
Let's go for my web review for the week 2026-27.
What happened to the fight for the Internet?
Tags: tech, politics, surveillance
Excellent piece, where are the netizens who should be fighting back those bills? Looks like we became very complacent and passivity reigns this time around. Didn't think it was related to the pervasive centralisation already in place… but indeed that might be a strong contributing factor.
https://dustycloud.org/blog/what-happened-to-the-fight-for-the-internet/
Age verification is just a precursor to attribution of speech
Tags: tech, politics, law, surveillance
Definitely this, we can't trust this kind of mechanism for what they open the door to.
https://nonogra.ph/age-verification-is-just-a-precursor-to-attribution-of-speech-06-29-2026
my review of uruky
Tags: tech, web, search
Several times I bump into articles praising this one. I've been test driving it a bit, the experience is still a bit bare but it's clearly maturing. Definitely an option to keep an eye on in my opinion.
https://blog.sulimans.space/my-review-of-uruky/
Zuckerberg's increasingly bizarre war on whistleblowers
Tags: tech, social-media, facebook, ethics
There might be a method behind the madness of the thin skinned autocrat heading Meta… Unfortunately it probably works.
https://pluralistic.net/2026/06/27/zuckerstreisand-2/
Chatbots vs. Ozone
Tags: tech, geospatial, ai, machine-learning, gpt, economics, ecology
More reasons why the whole "data centers in space idea" is stupidly dangerous and likely unreachable.
https://blog.dshr.org/2026/05/chatbots-vs-ozone.html?m=1
Claude Code Is Steganographically Marking Requests
Tags: tech, ai, machine-learning, gpt, copilot, trust, security, privacy
You sure you can trust those systems? It's proprietary software and they're clearly on a slippery slop. For something so security sensitive this is concerning.
https://thereallo.dev/blog/claude-code-prompt-steganography
Prompt Injection as Role Confusion
Tags: tech, ai, machine-learning, gpt, cognition, security, safety
Interesting paper (go to the full one for all the details) which shows that with the current architecture it's really hard if not impossible to make safe systems with LLMs. This gives interesting insights in the weird form of proto-cognition those models exhibit.
https://role-confusion.github.io/
Text Editor: Data Structures
Tags: tech, text, editor, design
Neat introduction to the right data structures to use when making a text editor.
https://www.averylaird.com/programming/the%20text%20editor/2017/09/30/the-piece-table.html
Engineering High-Performance Parsers with Data-Oriented Design
Tags: tech, data-oriented, architecture, performance, parsing
Interesting article applying data oriented design to parsing tasks. This is really a good approach for performance.
https://www.arshad.fyi/writings/engineering-high-performance-parsers
Data Access Patterns That Makes Your CPU Really Angry
Tags: tech, cpu, memory, hardware, performance
Interesting experiment on how to totally break the performance of memory accesses. This gives good insights on the whole chain works.
https://blog.weineng.me/posts/slowest_add/
The Physics of Memory
Tags: tech, javascript, memory, data-oriented, performance
Unsurprisingly cache locality is a very important factor. What's interesting here is that it still applies to a language like Javascript where you'd expect to not have enough control on the memory layout to reap any benefits.
https://www.dmurph.com/posts/2026/06/ecs_vs_oop_benchmark/ecs_vs_oop_benchmark.html
High-performance Rust: Understanding and eliminating memory fragmentation
Tags: tech, rust, memory, embedded, performance
Interesting Rust options to limit the amount of heap allocations if you're constrained by memory or for performance reasons.
https://kerkour.com/rust-high-performance-memory-fragmentation-allocations
Hobby's algorithm for aesthetic Bézier splines
Tags: tech, graphics, mathematics
Interested in splines? This is a gentle introduction which points to further resources if you want to implement them.
https://www.jakelow.com/blog/hobby-curves#fn-2
What To Learn To Be A Real Time Graphics Programmer
Tags: tech, 3d, shader, mathematics, graphics
Wondering what to learn to get into graphics programming? This is a nice list.
https://blog.demofox.org/2026/07/01/what-to-learn-to-be-a-graphics-programmer/
Announcing Box3D
Tags: tech, physics, simulation, 3d
Exciting! This looks like a neat 3D physics engine.
https://box2d.org/posts/2026/06/announcing-box3d/
The essence of architectural work
Tags: tech, architecture, complexity
This is an ongoing series, but there are good insights about software architecture work in the first few articles. Shows quite well the important tradeoffs and the usual traps.
https://www.ufried.com/blog/essence_of_architecture_1/
Every bottlenose dolphin invents a unique whistle that becomes its name
Tags: biology, nature, cognition
So using personal names is not an inherently human trait, this is confirmed through research now. Before their were signs and suspicions, but now the trail of evidences is strong.
Notes from a burning Paris
Tags: climate, ecology
This is what things will look like in the coming years. Only probably worse, and for more and more people.
https://sarahwilson.substack.com/p/notes-from-a-burning-paris
Bye for now!
03 Jul 2026 10:36am GMT
Attention to Detail
A couple of months ago I improved some of our dialogs and this time I worked on some more. Did you know that you can just paste the clipboard's content into the Dolphin file manager or on the desktop to create a new file from it?
Tobias Fella added a proper "platform message dialog" for Qt to use. This replaces the hideous Qt Quick message dialogs you could see in some places. With that, we are also finally able to play our message box sounds for Qt-only applications using QMessageBox (instead of KMessageBox or KMessageDialog). To do this, Qt sends an QAccessible::Alert event that is then handled by the relevant platform accessibility integration. On Windows it for example calls the win32 PlaySound API. However, I didn't want to mess with Qt's AT-SPI1 stack just for this. Now that we provide a custom dialog, we might as well play the sound from there.
Just like the "New File" dialog, the paste dialog mentioned above also displays the file icon now. It also tries to guess what kind of file it is and automatically suggests a matching file extension. For example, copying something that looks like HTML will suggest the name "pasted file.html". You are of course still free to choose a different file name and extension.
An application can also suggest a name using the custom application/x-kde-suggestedfilename MIME type. Spectacle does this so a screenshot copied to clipboard and then pasted (rather than saved directly) will nevertheless use a "Screenshot_xyz" file name. The clipboard history now remembers the suggested name when it stores an entry so when you recall it later it will still use that name as expected.
When dropping a folder into Kate, all files contained within will be opened. Kate has always been able to open files on remote locations thanks to KIO but the drag and drop code only worked with local folders. This is now fixed and you can drop a folder from a SMB or other share into your Kate the same way as any local one.
A nifty addition to both the menu and settings page for choosing a syntax highlighting color scheme is a little preview icon similar to the application color scheme. This lets you roughly judge the appearance of the theme before selecting it.
Finally, KWin's debug console (Open KRunner, type "KWin") received a "Pick Window…" button. This way you can more easily find a particular window in the potentially long list of windows. The kwindowprop tool (KWin's equivalent to xprop) now also includes the PID of the process owning the window.
- Assistive Technology Service Provider Interface, a cross-desktop accessibility framework
︎
03 Jul 2026 10:23am GMT
02 Jul 2026
Planet KDE | English
Week 5: KWallet XML Import & Password Generator
This week I shipped two new features for KeepSecret. KWallet XML Import (!34)
The Import menu on the wallet page is now a submenu with two options:
-KeepSecret…
-KWallet XML…
Both import formats are converted into the same internal format, allowing them to use the existing import code. I only implemented import support, since exporting to the old KWallet format wasn't necessary because KWallet is being deprecated.
Password Generator (!35)
I added a Generate button to the Create New Entry dialog. Clicking it generates a random 16-character password and fills the password field.
The password is generated in SecretItemProxy::generatePassword() using QRandomGenerator::global(), which uses the operating system's secure random source. A character set is built from the selected options (lowercase letters, uppercase letters, numbers, and symbols), and each character is chosen randomly from that set. This also allows passwords to include symbols like !@#$%^&*.
The function returns a QByteArray instead of a QString, matching the existing code and avoiding an unnecessary copy of the secret in C++.
During code review, Michael K83 pointed out that secrets stored in normal QByteArray or QString objects are not automatically erased from memory after use. He suggested looking at how ksecretd and KeePassXC handle secure memory.
Marco Martin explained that an even bigger challenge exists once the password reaches QML. The password becomes a QString inside the QML engine, where Qt may create multiple internal copies that cannot be explicitly cleared. It will be addressed separately in issue #25.
02 Jul 2026 12:48pm GMT
KDE Gear 26.04.3
Over 180 individual programs plus dozens of programmer libraries and feature plugins are released simultaneously as part of KDE Gear.
Today they all get new bugfix source releases with updated translations, including:
- elisa: Change output device when global output is changed (Commit, fixes bug #512126)
- kdeconnect: Fix file transfers when notification sending is enabled (Commit, fixes bug #516765)
- kdenlive: Fix timeline playhead going out of view while playing (Commit, fixes bug #517494)
Distro and app store packagers should update their application packages.
- 26.04 release notes for information on tarballs and known issues.
- Package download wiki page
- 26.04.3 source info page
- 26.04.3 full changelog
02 Jul 2026 12:00am GMT
01 Jul 2026
Planet KDE | English
Persistent copyright & licensing information in client-side JavaScript, CSS and similar – feedback and second proposal
At FOSDEM 2025 I presented my (intentionally controversial) proposal how to keep copyright and licensing info in minified JS/CSS and asked for feedback, including from front-end developers.
Two months later, I took the feedback from FOSDEM and held a small workshop session with a group consisting of OSPO leaders, FOSS lawyers and a handful of FOSS developers at LLW 2025.
This blog post was finished1 more than a year after both, so I will not be summarizing my FOSDEM talk, and suggest you listen to it (esp. the Q&A part), if you are interested in the details.
But I will summarize the results of both sessions below.
Are SDPX IDs enough for compliance or not (given their templating)¶
Someone argued that for certain licenses - specifically, e.g. the MIT and BSD family - even the SPDX License List has a some templating in place, and as such identifying it with just an SPDX ID would not fulfil the license obligations, by strict reading of the license.
That is a concern that I identified already in my original proposal and I agree that my proposed approach has a certain amount of "handwaving", which is not 100% risk-proof.
(Spoiler: we fix this issue in the final proposal. Wait for the next blog post in this series.)
Impact on size of the minifed code¶
A common concern from web developers was how much keeping the SPDX/REUSE tags in the minified code would impact the its size.
With the help of the wonderful Lukas Taegert-Atkinson of Rollup fame, we managed to get a good idea what the impact adding REUSE/SPDX tags to all the files would have on the size of the minified code.
As an PoC Lukas made the following change to the build process of Rollup Browser, so we could compare the size of the minified code before and after the diff.
diff --git a/rollup.config.ts b/rollup.config.ts
--- a/rollup.config.ts (revision 384d5333fbc3d8918b41856822376da2a65ccaa3)
+++ b/rollup.config.ts (date 1742569205307)
@@ -152,7 +152,22 @@
collectLicensesBrowser(),
writeLicenseBrowser(),
cleanBeforeWrite('browser/dist'),
- emitWasmFile()
+ emitWasmFile(),
+ {
+ name: 'add-fake-tags',
+ transform(code) {
+ return {
+ code: `/*!
+* SPDX-SnippetBegin
+* SPDX-SnippetCopyrightText: © 2021 Test Dummy <dummy@test.example>
+* SPDX-License-Identifier: BSD-2-Clause
+*/
+${code}
+/*! SPDX-SnippetEnd */`,
+ map: { mappings: '' }
+ };
+ }
+ }
],
strictDeprecations: true,
treeshake
If Rollup Browser was built as per default, the full minified code resulted in 374 KiB.
After the patch that caused (dummy) snippet-level SPDX tags to be inserted into all the code (Rollup itself and its dependencies), the size grew to 415 KiB though.
That is a 11% increase in size. Not exactly negligible, but definitely far from terrible. And if tooling were to be updated, with de-duplication we could possibly take that number down quite a bit too.
In the previous tiny Svelte + Rollup + Terser PoC, both with and without SPDX tags are 12 KiB, so we need take a magnifying glass to compare 12.681 bytes with tags, and 12.324 bytes without them - that is just a 3% difference.
And in the previous React Scripts (+ WebPack + Terser) PoC, the overall build size is virtually unchanged, but oddly enough while some files become bigger, others become smaller.
With REUSE tags, the total size of build/static/ is 536 KiB (specifically, 531.070 bytes):
build/static/css:
.rw-r--r-- 1.038 hook 3 apr 01:54 main.05c219f8.css
.rw-r--r-- 1.759 hook 3 apr 01:54 main.05c219f8.css.map
build/static/js:
.rw-r--r-- 4.534 hook 3 apr 01:54 453.2a77899f.chunk.js
.rw-r--r-- 10.597 hook 3 apr 01:54 453.2a77899f.chunk.js.map
.rw-r--r-- 143.544 hook 3 apr 01:54 main.608edf8e.js
.rw-r--r-- 1.205 hook 3 apr 01:54 main.608edf8e.js.LICENSE.txt
.rw-r--r-- 368.393 hook 3 apr 01:54 main.608edf8e.js.map
and without the SPDX tags, the total size of build/static/ is also 536 KiB (specifically, 529.880 bytes):
build/static/css:
.rw-r--r-- 779 hook 3 apr 01:53 main.f855e6bc.css
.rw-r--r-- 1.427 hook 3 apr 01:53 main.f855e6bc.css.map
build/static/js:
.rw-r--r-- 4.534 hook 3 apr 01:53 453.2a77899f.chunk.js
.rw-r--r-- 10.597 hook 3 apr 01:53 453.2a77899f.chunk.js.map
.rw-r--r-- 143.544 hook 3 apr 01:53 main.608edf8e.js
.rw-r--r-- 1.070 hook 3 apr 01:53 main.608edf8e.js.LICENSE.txt
.rw-r--r-- 367.929 hook 3 apr 01:53 main.608edf8e.js.map
Which is a difference of measly 0.2%.
Lukas was also quick to point out that a ballpark estimation of how much extra space this would take is quite easy to calculate, as all it is needed is to count all files that would be included in the final JS (or CSS) bundle and multiply that with the size of the SPDX tags. As such, the impact would be bigger on projects that have many very short source code files, while smaller on those that have fewer, but longer source code files. Again, this is without taking any de-duplication into account.
So we can come up with a generic formula:
size = normal_minified_size + (number_of_files × 4_extra_lines)
What was the cause of the problem with the Snippet-Begin and Snippet-End tags?¶
You may recall in my original proposal that there was an issue with the SPDX-Snippet-Begin and SPDX-Snippet-End tags being jumbled in the resulting minified code.
According to Lucas, this is most likely something Terser caused when associating comments to functions and then optimizing the code. He is fairly positive it can be solved though.
(Again, spoiler: this will be a moot issue in the end. Wait for the next blog post.)
Do we need tags in the minified code?¶
Of course, a very good question is whether we need the REUSE/SPDX tags in the minified code itself. Especially, given that we do not require something as strict for other non-source code (e.g. compiled code).
I admit, I do not think we actually need to.
To be honest, why that is in the original proposal, is because I was trying to push just how far we can bring license compliance in client-side JS/CSS by just leveraging already existing standards and tools. It turns out we can push it very far - arguably ad absurdum ;)
So, no, I do not think we need that, but it was a good thought experiment and I think it was necessary to get discussion going2.
Alternative proposal: SBOM¶
But if we do not keep it in the code we ship, where do we keep the license/copyright info then?
At LLW 2025 we had a pretty intense session where ultimately we came up with an alternative proposal to generate an SBOM and ship that instead. This solves a lot of issues and is something that license compliance officers are already familiar with. It would also bring it closer to how we manage licensing when shipping non-web software.
The SBOM approach would require use of tooling and by the end of the day we were left with a bunch of loose threads, but in general, this sounds like a good way forward.
Conclusion: plan B in the making¶
Was all the effort now wasted?
Not at all.
Web pages and (SaaS) web applications are still a bit of a different beast, so we learned a lot in the past two years due to this exercise.
I am pretty confident we now have a way how to fulfil the license obligations:
- without making the web page too heavy;
- burdening web developers any more than other programmers;
- shipping machine-readable compliance artifacts; as well as
- making the information ready for human consumption too.
In the next blog post I will present the final proposal.
hook out → I think we're slowly onto something …
01 Jul 2026 10:00pm GMT
This month in KDE Linux: June 2026

Welcome to another edition of "This month in KDE Linux" - KDE's in-progress operating system.
This month was pretty smooth; we had no build delivery drama, and all OS images we shipped were of satisfactory quality. The project is maturing, and we're 78% of the way towards completing the beta milestone.
QA & testing
Bhushan Shah and Thomas Duckworth continued working on the project to build a robust and modern automatic QA system. It's really really close to being integrated at this point, and will act as a full-stack integration test for all of KDE Plasma in addition to a test system for KDE Linux specifically.
More user-friendly installation
Hadi Chokr did the huge amount of work necessary to transform KDE Linux's .raw image file into a hybrid image that's also a valid .iso file! This allows KDE Linux to be installed more easily using VM software that often expects to be given an .iso file.
Remember that you'll still need to turn on UEFI mode, as KDE Linux still intentionally doesn't support the legacy BIOS system!
Better audio CD ripping
Harald Sitter, Jan Rathmann, and I completed a small project to get KDE's Audex app up on Flathub as a replacement for the audiocd-kio software we had previously been pre-installing on the image.
The problem with audiocd-kio is that it included two System Settings pages of questionable utility that offered a fairly old-fashioned UX. Now we don't include those things, and instead we document how to download Audex and use it to rip CDs. And this way, you get automatic metadata lookup, too!
Easier log collection
Felix Araújo built a tool to ease the collection of logs called collect-logs. It also does some data sanitization. This will be very useful for bug reporting purposes!
Rudimentary "Developer Mode"
I created a very simple system to show and hide developer tools, and they're hidden by default until you run toggle-developer-mode, which is documented here.
This reduces clutter in the launcher widgets of users who aren't software developers. In the future we'll add more to this script, and we might consider moving more tools off the base image and into Flatpak apps or even downloadable meta-packages, thereby coming full circle by re-inventing packaging. Go figure.
Documentation
I wrote documentation for how to configure input methods for Chinese, Japanese, Korean, and Vietnamese text input, in consultation with several speakers of these languages.
And in the near future, we plan to pre-install some of these tools to make things easier for the world's 1.7 billion people who use one of them to communicate on their digital devices.
Grab bag
Thomas Duckworth made Plasma Browser Integration continue to be enabled by default with the latest version of Firefox.
I fixed ydotool, which I had previously broken by trying to force to run as a systemd service. Turns out it can't do that. So now it's at least disabled by default.
Yago Raña Gayoso enabled shell completions for kde-builder.
Aleix Pol Gonzalez removed a few pre-installed GTK libraries that it turns out weren't used for anything.
Vishal Rao prevented the live session from writing to the system's real-time clock, which could be a nuisance for people who don't end up installing the OS and go back to their already-installed OS.
Clément Villemur made the Calamares installer not bug you to connect to the internet, because it doesn't actually need internet access.
And that wraps up June! There are a lot of projects in flight right now, from finishing up the new QA system, to building moving the base OS with BuildStream, to hardening the kernel, to improving each image's changelogs.
So there's still lots to do! If you're a fan of the project, please help out; there are many ways:
- User support: help support people on discuss.kde.org using KDE Linux.
- Issue reporting: install KDE Linux and report issues.
- Documentation: improve docs; submit merge requests here.
- Flatpak: fix packaging or code issues in Flatpak-packaged apps.
- OS development: help build KDE Linux! There's plenty to do.
01 Jul 2026 6:52pm GMT
A Cross-Platform Rust UI Framework via Qt’s Bridging Technology
Rust has achieved something extraordinary: it genuinely excites people to write software. But when it comes to building a real user interface, the ecosystem is still finding its footing. There are numerous options to pick your Rust UI framework from, including those gaining traction, like Iced and egui. Most of the available UI frameworks, however, are still establishing themselves in production environments and fall short in feature-richness. Qt Bridges, a bridging technology in public beta for Rust, brings something different to the table: over three decades of real-world use, commercial support, and a framework that already runs in automotive dashboards, medical devices, and industrial systems worldwide. Qt Bridge for Rust makes that maturity available to Rust developers, providing access to a UI framework that lets you keep your Rust codebase while using Qt Quick's feature-rich UI libraries and APIs, hardware acceleration, and genuine cross-platform support.
![]()
01 Jul 2026 2:15pm GMT
Qt Bridges: Public Beta for the Rust Bridge Is Out!
Qt Bridges is a project we have been developing since 2025 to bring Qt's UI framework capabilities to other programming languages, without going through the full set of bindings. The focus is on the interaction with backend data objects, seamlessly integrated as QML components in a Qt Quick interface.
![]()
01 Jul 2026 2:15pm GMT

