By the look of it, you have Window Decorations that did not got ported to Plasma 6. Only the “Edna” was, but maybe you did not update it yet from the Store …
I have just installed a Plasma 6 theme through the store, and it’s from the same theme developer as the Edna theme, i.e. @jomada, but in the previews of the window decorations, that button is also still the same one as the button for the window operations menu, and there is also no support for the shade button.
The theme I have installed is called Carl and was last updated on 2024.05.04, so that’s only 2 weeks ago.
Plastik and Breeze are official KDE defaults — with Plastik going back to KDE 3.0, even — so the only third-party theme you have is Klassy, which is obviously based upon Breeze.
I tried new decorations from the store > apply the new one (and tried with the old ones too) > cleared .cache folder > restarted session.
but the problem is still there.
yes, I have plastik too, that also displays the icon correctly.
so, I guess the default decoration is the trade-off for having the application menu icon?
thank you for your reply, I’m glad that I could delete all the unnecessary decorations.
Thanks for suggesting klassy too, it was nice . Though it didn’t solve the actual problem.
Update: so I went through every possible options and after hours of trying out and color picking I finally made something similar to what I desired + some extra customization.
Thank you very much!
Though Exact solution would’ve been something that would fix the menu icon thing in every decorations, but ig this is the closest solution for now.
Holy crap, that not even wipes only the Root and Home but also all included all mounted drives? WTF is KDE doing here, to allow such commands for “installing” Global Theme?
Thank you for that link, good that i have a Laptop with only a single M.2 connected, to try KDE Store out in the future.
Does anyone know, if this security risk only related to “Global” Theme and its not included in the smaller layouts?
No, the article was misrepresenting things. Installing anything from store.kde.org through the knewstuff framework will only write to your home directory and does not have write access to anything else, because it’s running under your own UID.
It’s in everything you install by way of the “Get new…” buttons. But the issue was a faulty script by the theme packager, and the theme has been taken offline.
You run a greater risk installing anything from the AUR without checking the PKGBUILD, because those are system-wide installations and the AUR helper will always ask you for the password to elevate privileges, so that it can install the package as root.
My understanding is that it has little to do with the mechanism of adding the resources from store.kde.org, but rather that things in the global theme included some poorly written code that could (and did) result in deletion. Because theres scripting things in there.
The reddit user that reported the issue, was telling everyone that all drives mounted on his PC was deleted.
What i also don’t understand, why by the assumed “mistake” was rm -rf implemented in the installation process, instead executed in the uninstall script?
This sounds to me, more like a malicious behavior as a mistake.
Thanks for the heads up… lucky i don’t use much AUR Packages.
Either he was lying, or he was using Discover, which installs things system-wide and uses the insecure packagekit. There’s a reason why Manjaro does not install Discover by default.
Probably so as to clean up the remnants of the downloaded and extracted tarball after installing the theme.
Steam has made that very same mistake as well a few years ago, but nobody thought of it as intentionally malicious back then.
If they were user-mounted then that doesnt need any extra explanation.
Nah.
It was some funky code that got parsed in such a way that it used an unfilled variable that then became something like ./.
(please dont make me go looking for the exact example)
Its part of what the Devs have been trying to communicate about since this issue - that things like the Global Themes can/do contain scripts that can run code. They arent just images being linked by some kde process.
For example here is a layout javascrip file from klassy;
loadTemplate("org.kde.klassy.plasma.desktop.leftPanel");
const kwinConfig = ConfigFile('kwinrc');
kwinConfig.group = 'Effect-windowview';
kwinConfig.writeEntry('BorderActivateAll', '5'); //present windows all desktops bottom-left