Historically passwords and credentials in all of our apps and services (such as kio and our Network Manager plasmoid), are stored and managed by our KWallet subsystem and API. In a similar way, GNOME had gnome-keyring, and other similar systems were available. A major problem was the mutually incompatible interface between them, making impossible to have a single place where all the passwords go.
For this reason, a standard DBus interface called Secret Service has been developed, and systems like KWallet, gnome-keyring and KeepassXC have adopted the interface as well.
In the future, we want to eventually port our applications to use the Secret Service API directly, preferably via the QtKeychain library (some applications already do), which will use Secret Service natively on Linux. And as a bonus the Windows/Android native systems on those platforms will work too.
This will make our applications work much better, be more integrated in other desktops or platforms, and be less dependent on the KWallet framework which has big legacy code parts at this point.
Right now, KWallet has the option to bring up a Secret Service compatible interface, and this is a valuable first step, but there are still some potential problems in the migration path:
- Applications using Secret Service will store their secret data in different places when running in different environment, including our own that have been migrated. If you login into a different session ,every app will have forgotten its credentials.
- It’s possible to use a different Secret Service provider also in a Plasma session, for instance enabling it in KeepassXC. At that point some apps will save into it, while other ones will keep using KWallet with a different storage backend.
- Applications ported from KWallet to SecretService will lose their credentials, unless some clunky porting code is written for each application.
A KWallet compatibility layer
Enter the recent refactor that happened in KWallet: it has now been split into 2 different system services now: one that exposes only the Secret Service API, and one that exposes only the KWallet API.
The service exposing the KWallet API has been written from scratch and is now just a thin wrapper around the Secret Service API, translating the KWallet DBus calls to Secret Service ones. The old KWallet service is now a pure Secret Service provider that just happens to use the old KWallet backend, exposing to Secret Service all the entries that had already been stored in the past.
This decouples our KWallet compatibility layer for existing or old applications (not only KDE applications, also third party ones like Chromium use it) with our actual secret storage and SecretService implementation, allowing a separate development roadmap, and even potential future transition to a different backend in a completely transparent way to the user.
You can see this decoupling in the same spirit as the recent KWin Wayland/X11 split: being able to develop the new technology without risking breaking compatibility of the legacy system.
What it means for users and developers
For the immediate future, not much really changes: users will still have all their secrets accessible, and every app they use that was using KWallet will keep working without forgetting anything.
In the same way, for developers, the whole KWallet C++ API keeps working exactly as it was (even though we’re discouraging its use in new projects). Also, the KWallet-to-Secret-Service API proxy layer will save data inside Secret Service with the same schema used by QtKeychain, keeping the data accessible if the application gets ported from using the KWallet C++ API to QtKeychain.
An experimental feature
Disclaimer: The following description is of an experimental feature behind a hidden configuration key: it will take a bit before it’s deemed ready for prime time.
One advantage of having 2 independent services to handle the KWallet API and the Secret Service one is that now it’s possible to chose different backends as well, such as KeepassXC, gnome-keyring or oo7.
Setting the following in kwalletrc:
[Migration]
MigrateTo3rdParty=true
[KSecretD]
Enabled=false
With this, the old KWallet backend (now a service called ksecretd) won’t be started anymore, and instead any Secret Service provider that is running or has been configured to be DBus-activatable will be used. The first time this happens, a data migration procedure will be executed, writing the data in KWallet into the new service, keeping all the user-saved secrets accessible.
Sunday, 13 April 2025
Welcome to a new issue of "This Week in KDE Apps"! Every week we cover as much as possible of what's happening in the world of KDE apps.
As Carl is still in vacation, this issue is only partially complete.
System Apps
Dolphin Manage your files
The Dolphin search integration has been rewritten from scratch. Notably, users can now switch the search tool between a simple search algorithm and one using file indexing and offering advanced search options. This way users are no longer forced to use the file index whenever it is available and can instead search in a slower but more reliable manner.
The overall user interface design is much improved with better clarity about what is currently being searched and which parameters can be changed. It was designed in a collaborative effort by Kristen McWilliam, Jin Liu, Andy Betts, Tagwerk, Felix Ernst, and a few others. (Felix Ernst, 25.08.0. Link)
The "Show in Groups" action was moved from the "View" menu to the "Sort By" menu. (Nate Graham, 25.08.0. Link)
The "Change View Mode" button which was recently added to Dolphin's default tool bar configuration is now icon-only by default (just like we had intended). (Akseli Lahtinen, 25.08.0. Link)
In the Trash context menu the "Properties" action is now once again in the last position just like in all the other Dolphin view context menus. This now-fixed inconsistency was an unintended side-effect of us moving the "Delete" action last to make it less likely to click it by accident when aiming at "Restore". (Kai Uwe Broulik, 25.08.0. Link)
Dolphin will now hide the background of the navigation bar when it's outside of the toolbar. (Akseli Lahtinen, 25.08.0. Link)
Other
Various improvements were made for the KDE Open and Save dialog:
- People using single-click selection can now click on checkboxes to select individual items in multi-selection dialogs. This works similarly to how it does in Dolphin. (Akseli Lahtinen, KIO 6.14. Link)
- Open and Save dialogs now allow quickly filtering through files by filename when pressing CTRL+I or Backslash key, like in Dolphin. (Akseli Lahtinen, KIO 6.14. Link)
…And Everything Else
This blog only covers the tip of the iceberg! If you’re hungry for more, check out Nate's blog about Plasma and be sure not to miss his This Week in Plasma series, where every Saturday he covers all the work being put into KDE's Plasma desktop environment.
For a complete overview of what's going on, visit KDE's Planet, where you can find all KDE news unfiltered directly from our contributors.
Get Involved
The KDE organization has become important in the world, and your time and contributions have helped us get there. As we grow, we're going to need your support for KDE to become sustainable.
You can help KDE by becoming an active community member and getting involved. Each contributor makes a huge difference in KDE — you are not a number or a cog in a machine! You don’t have to be a programmer either. There are many things you can do: you can help hunt and confirm bugs, even maybe solve them; contribute designs for wallpapers, web pages, icons and app interfaces; translate messages and menu items into your own language; promote KDE in your local community; and a ton more things.
You can also help us by donating. Any monetary contribution, however small, will help us cover operational costs, salaries, travel expenses for contributors and in general just keep KDE bringing Free Software to the world.
To get your application mentioned here, please ping us in invent or in Matrix.
Finishing Up
Hey everyone, It’s me again, back with the final update for this year’s Season of KDE. So, turns out things don’t really go as planned and it took me some extra time to bring it over the line.
Since my last post, I wrote the tests for the Kalah game, the associated TUI, a greedy move selection and benchmarked Oware and Bohnenspiel. My mid-sem exams happened, in between, and delayed me by 2 weeks.
Dear fans of music & open source music players,
in preparation of the upcoming Amarok 3.3 release, a beta release (3.2.81) has been prepared.
As shown in the ChangeLog, the changes are mostly technical: Qt5 support is removed, and Amarok 3.3 beta is compatible with Qt6/KF6 only. Additionally, a database scheme update (first such since 2012) fixes encoding and date related bugs.
Please note that due to the database update, downgrading from 3.3 beta is not directly possible, and returning to pre-3.3 versions requires the database (at ~/.local/share/amarok/mysqle/) to be manually backed up beforehand.
Aligning with current major KDE Frameworks version should simplify various direct and indirect software dependencies. However, phonon-vlc is the only supported backend on Qt6 Phonon, which Amarok 3.3 beta is still using for audio playback. This imposes some constraints e.g. on equalizer and analyzer functionalities. A more comprehensive overview of audio backend status is available on an invent.kde.org issue and a related work-in-progress merge request.
Additionally, there isn't official releases with Qt6 support of liblastfm available yet (needed for last.fm support). To enable the functionality, one needs to use library version built from e.g. sources at https://github.com/Mazhoon/liblastfm/tree/81e8f9dc16a0a18fe9a066d51c2071086326670b .
The Amarok 3.3 beta source tarball is available on download.kde.org and it has been signed with Tuomas Nurmi's GPG key. In addition to the source code, it is likely that some distributions will provide beta packages. The various nightly git builds provided by various splendid packagers should also provide a way of using the beta changes and participating in the testing.
Happy listening!
Final update
So this is my final blog regarding the Season of KDE 2025, I’m feeling happy for what I accomplished. Over the past few weeks, I’ve implemented PvP system for mancala game, this project has been a deep dive into game development, networking and user experience.
Summary of work done so far
1. Move tracking Mechanics
At the heart of this project lies the MankalaEngine
, an engine designed to handle rules and gameplay of various mancala variants. I’ve added some more feature in the engine:
- Move tracking: The
lastMoveMethod()
method allows to retrieve the last move played by the player and computer.
2. PvP Mode
It allows the real-time multiplayer gameplay using XMPP. Following is a brief summary:
- XMPP Integration: Players connect to each other using their jabber IDs and exchange move using the established chat room in real-time.
- Turn Management: The Player 1 always start, and turns alternate between the two players.
- Board Syncing: Players manually update their boards based on the opponent’s move, ensuring both the players have accurate view of the game state.
3. Man Page Documentation
To make the game accesible, I’ve created a man page for bohnenspieltui
. This man page provides the information abou the game, including:
- Synopsis and Description: A brief overview and explanation of the game variant.
- Usage: Instructions for running the PvP mode.
- Added a minor improvement of card view in Mancala GUI.
Future Work
While the task for this term is completed, their are several areas for improvement:
- Automated board syncing by replacing the current manual one.
- Integrating the engine to the mancala GUI.
- Extending the PvP to other variants.
Final Words
Thanks to KDE community, XMPP community and Benson Muite and João Gouveia and Blue from Macaw.me for the guidance and support. And I encourage the aspiring contributors to take part in Season of KDE to learn and grow as a developer.
Saturday, 12 April 2025
It looks like Brodie Robertson hasn’t gotten sick of me yet, because we sat down again recently, this time on the subject of Techpaladin! We go over a lot of stuff I wrote in the announcement blog post last month, plus more detail and other topics too. This ends up being a pretty nerdy talk as we additionally meander between finance and exchange rates, Dungeons and Dragons, Alpha Centauri, Maslow’s Hierarchy of needs, the KWin Zoom effect, and, of course, KDE World Domination.
Welcome to a new issue of "This Week in Plasma"! Every week we cover the highlights of what's happening in the world of KDE Plasma and its associated apps like Discover, System Monitor, and more.
This week there's big news: at long last, KWin has gained support for the initial version of the Wayland session restore protocol! This work was done by David Edmundson and Vlad Zahorodnii, and lands in Plasma 6.4.
Now, before you go celebrate in the streets, there are some big caveats:
- This version of the protocol only supports window sizing, positioning, and virtual desktop placement.
- It doesn't govern windows saving their internal content yet. That's coming later.
- Toolkits and apps still need to opt in; nothing automatically starts working for free.
But this point is… this stuff is coming soon and in motion! Exciting times.
Notable UI Improvements
Plasma 6.4.0
Overhauled the portal-based shortcut chooser window to look nicer and be easier to use. (David Redondo, link)
The double-click speed chooser now includes a test area you can use to test it out. (Kai Uwe Broulik, link)

You can now start an update in Discover straight from the notification, without needing to open the app and do it there. (Aleix Pol Gonzalez, link)
When editing a clipboard entry, the "Save" button now only becomes active if there has been a change to the text. (Fushan Wen, link)
Frameworks 6.14
Fixed a case where various messages in System Settings and apps would have links that did nothing when clicked. (Arjen Hiemstra, link)
Notable Bug Fixes
Plasma 6.3.5
Fixed several KWin crashes. (Vlad Zahorodnii and Xaver Hugl, link 1, link 2, link 3, link 4)
Fixed a glitch affecting people with NVIDIA GPUs that could make the lock screen go black or flicker under certain circumstances. (Xaver Hugl, link)
Fixed a visual glitch with window shadows when using Night Light on certain hardware. (Xaver Hugl, link)
Task Manager "audio is playing" icons specifically are no longer so blurry when using a fractional scale factor. (Marco Martin, link)
Plasma 6.4.0
Clicking on various apps' System Tray icons that want to display a menu on left-click now shows the menu, instead of a weird tiny window in the middle of the screen with one menu item in it. (David Redondo, link)
Re-added the "Edit Contents" global clipboard shortcut that accidentally got removed in Plasma 6.0. (Fushan Wen, link)
Fixed the Select All/None buttons on the Filter page of Plasma's desktop configuration window, which also got broken in Plasma 6.0. (Christoph Wolk, link)
Fixed a few cases where setting or resetting custom icons in the Kicker Application Menu widget didn't work properly. (Christoph Wolk, link)
Fixed a bug where selecting text in XWayland-using apps wouldn't correctly populate the clipboard when using certain clipboard settings. (Fabian Vogt, link)
Fixed auto-updates in Discover even moar betterer! (Yosuke Matsumura, link)
Other bug information of note:
- 1 very high priority Plasma bug (same as last week). Current list of bugs
- 20 15-minute Plasma bugs (up from 18 last week). Current list of bugs
Notable in Performance & Technical
Plasma 6.4.0
Plasma Browser Integration now supports Chrome and Firefox variants like LibreWolf and Ungoogled Chromium when run in a Flatpak. (Kristen McWilliam, link 1, link 2)
Improved performance when using Night Light and changing the brightness. (Xaver Hugl, link)
The Lock screen now respects the login timeout value coming from PAM, allowing it to be configured. (Akash Suresh, link)
How You Can Help
KDE has become important in the world, and your time and contributions have helped us get there. As we grow, we need your support to keep KDE sustainable.
You can help KDE by becoming an active community member and getting involved somehow. Each contributor makes a huge difference in KDE — you are not a number or a cog in a machine!
You don’t have to be a programmer, either. Many other opportunities exist:
- Triage and confirm bug reports, maybe even identify their root cause
- Contribute designs for wallpapers, icons, and app interfaces
- Design and maintain websites
- Translate user interface text items into your own language
- Promote KDE in your local community
- …And a ton more things!
You can also help us by making a donation! Any monetary contribution — however small — will help us cover operational costs, salaries, travel expenses for contributors, and in general just keep KDE bringing Free Software to the world.
To get a new Plasma feature or a bugfix mentioned here, feel free to push a commit to the relevant merge request on invent.kde.org.
Work done so far
Implemented the PvP mode by leveraging XMPP for communication, enabling the played to exchange moves. The code for this are implementd in connection.h
, connection.cpp
and bohnenspieltui.cpp
.
Setting up the PvP mode
The player select the game mode they desires to play, for PvP the choice would be option P.
Connecting to XMPP server
To establish the chat room and enable the communication the player must provide their jabber id and password and the opponent’s JID (This should be done from both players side).
The program then establishes a connection to the XMPP server using the entered credentials. The game proceeds only when the credentials are verified.
Host and Turn Order
The program determines who will play first in a simple manner i.e., by comparing the lexicographical order of their jabber IDs.
Sending a move
When it’s player turn, they are prompted to enter their move. The move is validated and sent to opponent via the established chat room.
The board is updated locally and then the turn is passed to the opponent.
Receiving a move
When the move is received from the opponent, the program prompts the player to sync the board manually.
This is to ensure that both the players have their board in sync. Then the program prompts the user to enter their move and it game will be continued.
What’s next
- Automatic move sync
- The man page to explain the working to players.
Friday, 11 April 2025
Let’s go for my web review for the week 2025-15.
A new security fund opens up to help protect the fediverse
Tags: tech, fediverse, security
This is clearly needed. This should increase the maturity of the security practice around Fediverse software.
https://techcrunch.com/2025/04/02/a-new-security-fund-opens-up-to-help-protect-the-fediverse/
Bored of it
Tags: tech, culture
Hear, hear! It sucks up all the air in conversation and obliterate imagination. As if we couldn’t do better.
https://paulrobertlloyd.com/2025/087/a1/bored/
Anthropic can now track the bizarre inner workings of a large language model
Tags: tech, ai, machine-learning, gpt, research, language
This is very interesting research. This confirms that LLMs can’t be trusted on any output they make about their own inference. The example about simple maths is particularly striking, the real inference and what it outputs if you ask about its inference process are completely different.
Now for the topic dearest to my heart: It looks like there’s some form of concept graph hiding in there which is reapplied across languages. Now we don’t know if a particular language influences that graph. I don’t expect the current research to explore this question yet, but looking forward to someone tackling it.
The Slow Collapse of Critical Thinking in OSINT due to AI
Tags: tech, ai, machine-learning, gpt, security, cognition
The “asleep at the wheel” effect is real with such tools. The consequences can be dire in quite a few fields. Here is a good illustration with OSINT.
https://www.dutchosintguy.com/post/the-slow-collapse-of-critical-thinking-in-osint-due-to-ai
Hardened File Backup Routine
Tags: tech, backup, security, complexity
Personal backups don’t have to be fancy… And probably shouldn’t.
https://wrongthink.link/posts/hardened-backup-routine/
git-withme - Peer-to-peer, encrypted, ephemeral Git collaboration
Tags: tech, tools, version-control, tools
It’s little known that regular Git has a server mode. The thing is that it’s not often useful beyond sharing over the local network. Know this tool leverages magic wormhole to share repositories with peers over the Internet. This is really cool stuff in my opinion.
https://git.sr.ht/~meejah/git-withme
.localhost domains
Tags: tech, networking, services
Neat little trick for services which you’d be running locally.
https://inclouds.space/localhost-domains
Pitfalls of Safe Rust
Tags: tech, programming, rust, safety
Sure, you get good memory safety with Rust. It’s important and welcome, but it’s just the beginning of the story.
https://corrode.dev/blog/pitfalls-of-safe-rust/
On JavaScript’s Weirdness - Stack Auth
Tags: tech, programming, javascript
A friendly reminder that Javascript is an endless pit of surprising behaviors. Watch out!
https://stack-auth.com/blog/on-javascripts-weirdness
A feel for the data
Tags: tech, data, data-visualization
Nice piece to give ideas about what type of diagram to consider depending what you’re exploring.
https://briefer.cloud/blog/posts/look-the-data/
The Best Programmers I Know
Tags: tech, craftsmanship, engineering, learning
This is a good list of skills and behaviour to develop if you want to get better at our craft.
https://endler.dev/2025/best-programmers/
How to develop a sixth sense for the long-term
Tags: tech, project-management, risk
Good approach to detect problems early and manage the risks they’ll bear.
https://www.rubick.com/long-term-sense/
Distrust Breeds More Distrust
Tags: tech, management, leadership, trust
It’s indeed a vicious circle. Also it seems easy to fall into this particular trap, I see it in many places.
https://mdalmijn.com/p/distrust-breeds-more-distrust
Strategic opportunism
Tags: strategy, leadership, management
This is indeed a very good way to approach planning. You shouldn’t be shackled to a too detailed strategy. The broad goals are the real value, then it’s about seizing opportunities to advance your position.
https://medium.com/@mshmsh5000/strategic-opportunism-7f2b8b255384
What it’s like to interview a software engineer preparing with AI
Tags: tech, ai, machine-learning, gpt, hiring, interviews, scam
Unsurprisingly, hiring scams are becoming more elaborate. Keep it in mind for your upcoming interviews.
https://www.kapwing.com/blog/what-its-like-to-interview-a-software-engineer-preparing-with-ai/
The spice of life
Tags: tech, business, marketing, learning
There’s some truth to this. It’s easier to market yourself as a specialist rather than a generalist… This doesn’t make it easy.
https://gomakethings.com/the-spice-of-life/
Bye for now!