Introduction

Hello! I’m Azhar, a Computer Science student who loves open-source development and contributing to KDE. This summer, I’m excited to be working on the Google Summer of Code (GSoC) project at KDE Community to integrate more KDE libraries into OSS-Fuzz.

While KDE already has some libraries integrated into OSS-Fuzz, such as KArchive, KImageFormats, and KCodecs, there are many more libraries that could benefit from this integration. The goal of this project is to expand the coverage of OSS-Fuzz across KDE libraries, making them more secure and reliable.

What is OSS-Fuzz?

OSS-Fuzz is a SaaS by Google to automatically find bugs and vulnerabilities in open-source projects through fuzz testing. Fuzzing involves feeding random or unexpected data into a software to uncover vulnerabilities that might otherwise go unnoticed. OSS-Fuzz continuously runs fuzz tests on the integrated open-source projects, reporting any crashes or issues found. This helps maintainers identify and fix bugs quickly, improving the overall quality of the software.

As of May 2025, OSS-Fuzz has helped identify and fix over 13,000 vulnerabilities and 50,000 bugs across 1,000 projects.
Source: OSS-Fuzz GitHub repository

Image from OSS-Fuzz GitHub repository, licensed under Apache 2.0.

Project Goals

The main goal of this project is to integrate more KDE libraries into OSS-Fuzz. This involves:

1. Identifying libraries: Analyzing the existing KDE libraries and identifying those that would benefit from OSS-Fuzz integration.
2. Creating fuzz targets: Writing fuzz targets for the identified libraries. A fuzz target is a specific function or API that will be tested with random data.
3. Integrating with OSS-Fuzz: Setting up the integration with OSS-Fuzz, including creating Dockerfile and a build script.
4. Testing and debugging: Running the fuzz tests and debugging any issues that arise during the process.

The objective is to integrate as many as KDE libraries possible into OSS-Fuzz by the end of the GSoC period, thereby enhancing the overall security and reliability of KDE software.

Initial Libraries

The following libraries have been identified for initial integration into OSS-Fuzz:

KFileMetaData

KFileMetaData is a library for reading and writing metadata in files. It supports various file formats, including images, audio, and video files. KFileMetaData is used by Baloo for indexing purposes. This means that many files may be processed by KFileMetaData without the user’s knowledge, making it a critical library to fuzz.

KMime

KMime is a library to assist handling MIME data. It provides classes for parsing MIME messages. KMime is used by various KDE applications, including KMail. This again means that the library may process malformed or unexpected data without the user’s knowledge.

KDE-Thumbnailers

KDE has many thumbnailer libraries, such as KDE-Graphics-Thumbnailers. These libraries are used to generate thumbnails for various file formats, including images, videos, and documents. These thumbnailers are used by Dolphin/KIO to generate previews of files and can be exposed to untrusted data.

Conclusion

Integrating KDE libraries into OSS-Fuzz is an important step towards improving the security and reliability of KDE software. Expanding OSS-Fuzz coverage to more libraries will help KDE maintainers quickly identify and fix bugs before they become problems for users.

KIO (KDE Input/Output) is what allows KDE applications to transparently and asynchronously access files, both local and over the network. It also provides many of the user interfaces for manipulating files, such as the Places panel, Open/Save dialog, folder properties, new file menu, and many more. The other day I went through some of its dialogs and gave them a slight overhaul.

When clicking an executable file, it confirms whether to really run it. In case of text-based programs, like shell scripts, it further offers to open it in the default application (usually a text editor). Previously it merely asked “What do you wish to do with this file?”. Now it actually includes the application icon, name, and type of file, to let you make an informed decision. While this might seem redundant, it’s possible that you are launching it from a place other than the file manager where the file might not in fact be just behind the dialog. In my opinion, it also makes it a lot nicer looking.

Including the name of the application that will open the file (e.g. “Open with Kate”, similar to the download finished notification) makes it a lot clearer what button will launch the file and what will just view it. For some reason I’ve always had a hard time picking the right option without thinking about it first – a mere “Open” felt somewhat ambiguous here.

The dialog that lets you pick a file name for a new file or folder received similar treatment and now displays the file type icon. It’s a nice visual touch that lets you know what the item you’re about to create is going to look like. More importantly, though, it now offers a selection of folder colors and icons! This way you can assign a custom icon to a folder as you’re creating it. This makes the fact that this is possible a lot more obvious.

It additionally remembers whether you expanded the icon section. If you use the feature, you’ll get it right then and there, and if you don’t, it shouldn’t bother you. It further keeps track of what custom icons you have picked, if any, so that over time the list will contain all the folder icons that you commonly use. We’re also considering to add a context menu entry to quickly assign colors and icons after the fact, implementing a long-standing feature request.

Finally, the Open/Save file dialog provided by the XDG Desktop Portal (typically used by your web browser and Flatpak applications) are properly modal to their parent application. Qt 6.8 brought support for the XDG Dialog protocol that enables windows be marked as modal. However, Qt only used it if the dialog’s parent window was in the same application. I fixed that for the upcoming Qt 6.10 (luckily it’s allowed to mark a dialog as modal without a parent window and then assign one afterwards) but in order to get this issue resolved for our users right now, I adjusted KWindowSystem to use XDG Dialog, too, when running a more contemporary Qt version.

Leaving the subject of dialogs, a while ago I added a busy indicator to the Places panel while devices are being (un)mounted. It now also shows while the trash is being emptied, should there be lots of stuff in it that takes a while to get rid of. The Trash widget in Plasma does so, too. While at it, I fixed bringing a running Dolphin instance to the front when clicking the Trash widget placed in a panel.

Last but not least, KIO finally prevents the system from going to sleep while copying or moving files!

Kdenlive 25.04.1 is now available, containing several fixes and improvements. Fixed bugs and improvements include :

• Fix effect stack layout that sometimes prevented accessing some parameters
• Fix a crash when loading many clips and switching project profile
• Further speed increase for audio thumbnails generation
• Reduce memory usage of the automask feature, allowing to create masks for longer clips

It is nice to note that these two last changes were made by Balooii, a new Kdenlive contributor!

See the full changelog below.

Welcome to a new issue of "This Week in KDE Apps"! Every week we cover as much as possible of what's happening in the world of KDE apps.

Creative Applications

Krita Digital Painting, Creative Freedom

Wolthera van Hövell continued to work on text rendering this week. She made the text rendering mode editable, so now it's possible to switch between text rendering optimizing speed, legibility, or geometric precision, and an automatic mode (link). She also fixed a bug where the resource system was slow because font metadata was not erased when removing the font (link).

Maciej Jesionowski improved the performance of the status bar by optimizing a function called in the hot path (link).

Kdenlive Video editor

Balooii optimized the process of downloading the online resource thumbnails. Kdenlive now downloads the thumbnails in parallel and converts them to pixmaps directly in memory (link). They also sped up audio thumbnail generation by 2.5x (link)!

Balooii also fixed some misalignment of the monitor tools which were caused by some rounding errors (link).

Travel Applications

KTrip Public transport navigator

Volker Krause and Carl Schwan worked on the departure page of KTrip, redesigning it completely and fixing a few bugs (link 1, link 2, link 3 and link 4).

Social Applications

NeoChat Chat on Matrix

James Graham ported the message delegate from QML to C++ to reduce the memory usage of the timeline (link) and reworked the implementation of the hover actions (link).

Office Applications

Calligra Sheets Spreadsheet

Pierre Ducroquet fixed the SEARCH function (link) and a crash when decoding some formulas (link).

Utilities

Barcode Scanner Scan and create QR-Codes

Salvo Tomaselli optimized the battery usage of Qrca by stopping the camera on mobile devices when the Qrca is in the background (link). He also made Qrca remember the last device used (link).

…And Everything Else

This blog only covers the tip of the iceberg! If you’re hungry for more, check out Nate's blog about Plasma and be sure not to miss his This Week in Plasma series, where every Saturday he covers all the work being put into KDE's Plasma desktop environment.

For a complete overview of what's going on, visit KDE's Planet, where you can find all KDE news unfiltered directly from our contributors.

Get Involved

The KDE organization has become important in the world, and your time and contributions have helped us get there. As we grow, we're going to need your support for KDE to become sustainable.

You can help KDE by becoming an active community member and getting involved. Each contributor makes a huge difference in KDE — you are not a number or a cog in a machine! You don’t have to be a programmer either. There are many things you can do: you can help hunt and confirm bugs, even maybe solve them; contribute designs for wallpapers, web pages, icons and app interfaces; translate messages and menu items into your own language; promote KDE in your local community; and a ton more things.

You can also help us by donating. Any monetary contribution, however small, will help us cover operational costs, salaries, travel expenses for contributors and in general just keep KDE bringing Free Software to the world.

To get your application mentioned here, please ping us in invent or in Matrix.

Hello KDE Community!

My name is Yelsin 'yorisoft' Sepulveda. I'm an engineer with experience in DevOps, Site Reliability, and Cloud Computing. I joined KDE as part of the GSoC application process early last month and have been contributing to a few projects ever since. Miraculously, my GSoC proposal has been selected! Hallelujah! Which means over this summer I'll be working on implementing game controller input recognition into KWin.

About the Project

Currently, applications directly manage controller input, leading to inconsistencies, the inability of the system to recognize controller input for power management, and unintentionally enabling/disabling "lizard mode" in certain controllers. This project proposes a solution to unify game controller input within KWin by capturing controller events, creating a virtual controller emulation layer, and ensuring proper routing of input to applications. This project aims to address the following issues:

• System Power Management: KWin lacks controller input recognition, preventing activity reporting and causing premature system sleep.
• "Lizard Mode": When KWin opens a file descriptor for certain gaming controller devices (like the Steam Controller and Steam Deck Controller), this disables those controllers' lizard mode (keyboard and mouse input emulation), since the controller detects that a program is now handling input?even if KWin isn't actively using it.
• Decentralized Input Handling: Individual application input handling results in inconsistent input parsing and limited remapping capabilities.

Project Goals

The primary goals of this project are to:

• Enable KWin to capture and process game controller input events.
• Implement a virtual controller emulation layer within KWin.
• Route physical controller input 1:1 to emulated devices, including haptics.
• Prevent system sleep during active controller use.
• Manage "lizard mode" for compatible controllers.
• Establish a foundation for future features: global remapping, haptics settings, and advanced Wayland protocols.

About Me

I often spend my time surfing the internet learning new things, spending quality time with family and friends, or picking up new hobbies and skills-such as music! You could say I'm someone who likes to jump between multiple hobbies and interests. As of late, I'm learning a new snare solo and how to build an online brand.

I started my career as a DevOps Engineer and SRE where I learned tools like Jenkins, Docker, and Terraform. I then transitioned to a Solutions Architect role where I worked with many different cloud technologies and helped other companies design their cloud architecture. I am relatively new to contributing to open-source projects but have been an avid user of Linux and open-source tools for over 4 years, and am committed to learning and growing in this community. Check me out on GitHub.

Google Summer of Code (GSoC) is a training/mentorship program that allows new contributors to open source to work on projects for 175 to 350 hours under the guidance of experienced mentors.

KDE will mentor fifteen projects in this year's Google Summer of Code.

Merkuro/Akonadi

Merkuro is a modern groupware suite built using Kirigami and Akonadi. Merkuro provides tools that allow you to manage your contacts, calendars, todos, and soon email messages.

This year, the focus is on making Merkuro more viable on mobile. Pablo will work on removing the QtWidgets dependency from the Akonadi background processes, which will reduce RAM consumption. Shubham Shinde will port some configuration dialogs to QML, making them easier to use on Plasma Mobile. This project will be mentored by Aakarsh MJ, Claudio Cambra, and Carl Schwan.

NeoChat

NeoChat is KDE's Matrix chat client.

Sakshi Gupta will work on adding video call support to NeoChat using LiveKit. This work is mentored by Tobias Fella and Carl Schwan.

KDE Linux

KDE Linux is a new distribution the KDE Community is developing.

Desh Deepak Kant will work on a new website for the project. Derek Lin will develop a Virtual Machine Manager named Karton, and Akki Singh will port the ISO Image Writer project to QML. These projects will be mentored by Harald Sitter, Tobias Fella, and Nicolas Fella.

Plasma

Good news for gamers: Yelsin Sepulveda will work on improving game controller support in KWin. This work will be mentored by Jakob Petsovits and Xaver Hugl.

Cantor

Cantor is a frontend for many mathematical tools and languages.

Nanhao Lv will work on integrating KTextEditor as the default text editor, replacing the current custom editor. Zheng JiaHong will add support for Python virtual environments to the Python backend. These projects are mentored by Alexander Semke and Israel Galadima.

Security

Azhar Momin will work on adding more KDE libraries to OSS-Fuzz to help identify bugs and security issues through fuzzing. This project is mentored by Albert Astals Cid.

Kdenlive

Kdenlive is KDE's video editor.

Ajay Chauhan will work on enhancing timeline markers by supporting range-based markers while maintaining backward compatibility. This project is mentored by Jean-Baptiste Mardelle.

Krita

Krita is an outstanding digital painting application.

Ross Rosales will develop a floating action bar for managing layers. This work is mentored by Emmet O'Neill.

GCompris

GCompris is an educational suite containing many activities.

There is work in progress to also include a management GUI for teachers to create custom datasets. Ashutosh Singh will work on implementing the UI to manage several existing activities. Johnny Jazeix and Emmanuel Charruau will mentor this project.

Mankala

Srisharan V S will add AI opponents to the Mankala game. This project is mentored by Benson Muite.

Mentorship Portal

Anish Tak will work on improving the mentorship.kde.org website. This project is mentored by Paul Brown and Farid Abdelnour.

Tellico 4.1.2 is available, with a few fixes.

Improvements

• Updated Giant Bomb, kino.de, and VideoGameGeek data sources.
• Fixed a bug with showing local images defined by links only (Bug 503645).

I attended KDE India Conf (conf.kde.in, CKI) 2025 in Gandhinagar, Gujarat. My last and first CKI was in 2020 in Delhi. Had written a blog then.

There was a CKI last year in Pune but I was unable to attend it. So it’s been 5 years. The constant from then and now is Bhushan :)

My talk

Title of the talk was “Learnings from creating an input method for KDE”. My primary desktop environment since 2018 is KDE Plasma. Varnam input method was created to use in KDE. The talk was about the learnings of creating the input method.

The talk has been uploaded here: https://mirror.freedif.org/KDE/files/confkdein/2025/learnings-from-creating-an-input-method-for-kde.mp4

Emoji picker

The current way to input emoji in KDE Plasma is by copy-pasting the emoji from a window. GNOME has a better emoji input where you could open the emoji suggestions box anywhere you type and directly insert it. Behind the conference, I looked at whether this can be improved.

I tried to make an emoji input method just like Varnam. The source code is here: https://github.com/subins2000/semoji

It was partially successful, it works, but one month in I still use the KDE copy-paste one.

I later saw that one of KDE goals this year is this, “We care about your input”. There is already an issue open: https://invent.kde.org/teams/goals/we-care-about-your-input/-/issues/15

This is a very core thing to Qt, so it is beyond my expertise. I’m just gonna watch in the sidelines, and meanwhile I’ll survive with copy paste 🙂.

Conference

Like all other free software conferences, I met people who shared the same interests as me, so there was lot to talk about!

Rishi has done an elaborate write up about the conference, so I’m not gonna repeat things. Link to Rishi’s blog.

Rishi had also brought a Steam Deck which was fun to use! A popular mainstream device that comes with GNU/Linux? That has been a dream once. That too gaming!

One thing I have to mention here is Joseph’s talk on End of 10. Windows 10 is about to end its support in 2025 October 14. The newer Windows 11 requires modern hardware. This would mean millions of working devices will end up being unupgradable, and potentially e-waste.

My personal computer from 2010 to 2018 was a 2GB RAM machine. I had to use Linux Mint + XFCE + i3wm to get the maximum out of the system. Windows 8 and 10 was uninstallable in that machine.

There was a BoF on the same, and one major thing about India at least is that “if it works, then don’t touch it”. I’ve seen retail stores using Windows 7 to even Windows XP (A display in Cochin international airport). When they have a working flow, it’s difficult for them to change.

Adobe Pagemaker that was deprecated in 2003 is still being used here. It works because Windows is very good in backwards compatibility. If Windows ever breaks it, maybe they’d upgrade.

My state Kerala already uses GNU/Linux widely across school, government departments etc. School students are usually given a laptop which is low-end hardware that already runs GNU/Linux. No way can these laptops and machine run Windows, even Windows 10.

Next conference

This is the second time CKI has been ogranized in Gandhinagar. I’ve lowkey suggested that maybe Kerala can host it next year 🤞. Last time it happened in Kerala was in 2015, that’s 10 years ago!

A good place to do it would be a university. I’ve been helping organizing Kochi FOSS meetups for the past 2 years. There is definitely audience for the conf, it’s just that where would we do it.

Let’s see.

Welcome to a new issue of “This Week in Plasma”! Every week we cover the highlights of what’s happening in the world of KDE Plasma and its associated apps like Discover, System Monitor, and more.

This week Plasma 6.4’s “soft feature freeze” came into effect, which means we stop merging new features unless they’ve been in development for months and are alllllmost ready. So focus has shifted to bug-fixing and UI polishing.

You may also notice that quite a lot of changes in Plasma this week actually came from KDE Frameworks. It’s a good reminder that these frameworks underpin everything KDE makes — the unsung infrastructural heroes quietly and boringly making other work possible.

Notable new Features

Frameworks 6.15

The “New File” and “New Folder” dialogs you can invoke from Plasma, Dolphin, and other KDE apps have been given visual overhauls. In addition, the folder dialog lets you choose a custom icon from right there in the dialog! (Kai Uwe Broulik, link 1 and link 2)

Transferring files in Plasma and KDE apps now inhibits suspend, so the transfer can’t get unexpectedly interrupted or canceled in the middle if the computer goes to sleep. (Kai Uwe Broulik, link)

Notable UI Improvements

Plasma 6.4.0

On the Audio Volume widget’s Applications page, the name of the media being played will now be shown — as long as the app sets this properly! This is helpful for web browsers in particular. (Kai Uwe Broulik, link)

On System Settings’ Shortcuts page, KWin and Plasma’s shortcuts are now shown under nicer and more human-friendly names. (Nate Graham, link)

System Settings’ Display & Monitor page now shows non-integer refresh rates, like “59.94Hz”. (Xaver Hugl, link)

System Settings’ Accessibility page now uses a better icon for the Screen Reader category. (Christoph Wolk, link)

Windows that make an oopsie and forgot to set a title now display no text in Overview, rather than a tiny little empty bubble where there should be text. (Nate Graham, link)

The “Minimize All Windows” widget no longer inappropriately pretends to be a “Peek at Desktop” widget while in edit mode. (Nate Graham, link)

Frameworks 6.15

Overhauled the technical infrastructure of how icons are drawn by Kirigami throughout Plasma and QtQuick-based KDE apps, fixing several visual issues related to the active highlighting not working properly — particularly with dark color schemes and image-based icons. (Arjen Hiemstra, link 1, link 2, and link 3)

Files in remote network locations accessed by their URL (not a manual local mount) from Plasma or any KDE apps now do a better job of showing thumbnails when they’re really large, and should be more robust and reliable in general, less likely to make the displaying app crash (Akseli Lahtinen and John Chadwick, link 1 and link 2)

Notable Bug Fixes

Plasma 6.3.5

Fixed a case where KWin could crash when disconnecting a Thunderbolt dock. (Xaver Hugl, link)

Interacting with apps using a drawing tablet stylus is now more reliable. (Xaver Hugl, link)

Plasma 6.3.6

Fixed a case where KWin could crash while drawing windows with no window decorations. (Xaver Hugl, link)

Theme previews on System Settings’ Colors page that use the full tinting feature are now displayed properly. (Akseli Lahtinen, link)

When using any of the automatic sorting modes for desktop icons, creating a new file on the desktop now inserts the file in its correct place based on the chosen sort order, rather than putting the new item under the cursor and resetting the sort order to “Manual”. (Akseli Lahtinen, link)

Plasma 6.4.0

Fixed a case where KWin could occasionally get frozen during playback of full-screen YouTube videos in Firefox. (Vlad Zahorodnii, link)

Fixed another case of optical discs appearing duplicated in the Disks & Devices widget. (Bogdan Onofriuchuk, link)

KWin’s “Move to Center” action once again works irrespective of whether the window being moved to the center is currently quarter-tiled. (Vlad Zahorodnii, link)

It’s no longer possible to hilariously scroll the text of Plasma notifications horizontally using a touchpad, making it slide out of view! Now it stays put. (Christoph Wolk, link)

Frameworks 6.15

Fixed a bug in KConfig that could, under certain circumstances, prevent Plasma from loading when compiled with asserts turned on. (Akseli Lahtinen, link)

Fixed a bug in the Breeze theme that made certain icons appear at too large a size in certain GTK apps. (Christoph Cullmann, link)

Fixed the Breeze microphone icon to not be off-center in its 22px version. (Nate Graham, link)

Other bug information of note:

• 1 very high priority Plasma bug (same as last week). Current list of bugs
• 20 15-minute Plasma bugs (same as last week). Current list of bugs

Notable in Performance & Technical

Plasma 6.3.6

Fixed an issue preventing the “Prefer color accuracy” setting from working while watching full-screen videos. (Xaver Hugl, link)

Made the day/night transition time calculations of the Night Light feature more accurate by using a dedicated solar transit simulator. (Vlad Zahorodnii, link)

How You Can Help

KDE has become important in the world, and your time and contributions have helped us get there. As we grow, we need your support to keep KDE sustainable.

You can help KDE by becoming an active community member and getting involved somehow. Each contributor makes a huge difference in KDE — you are not a number or a cog in a machine!

You don’t have to be a programmer, either. Many other opportunities exist:

• Triage and confirm bug reports, maybe even identify their root cause
• Contribute designs for wallpapers, icons, and app interfaces
• Design and maintain websites
• Translate user interface text items into your own language
• Promote KDE in your local community
• …And a ton more things!

You can also help us by making a donation! Any monetary contribution — however small — will help us cover operational costs, salaries, travel expenses for contributors, and in general just keep KDE bringing Free Software to the world.

To get a new Plasma feature or a bugfix mentioned here, feel free to push a commit to the relevant merge request on invent.kde.org.