Just wanted to share for the 10 people like me who has with an Nvidia + dual screen setup on ArchLinux (btw) with KDE Plasma desktop that since the new plasma 6 update I can finally use the Wayland session option!
The wayland should work
has been around for the last 5 years and 5 years ago it was not even close, then 1 or 2 years ago it started not crashing but multi-screen was not OK (I tried all the kernel and driver parameters).
Now for me and my 5+ years-old setup (probably a lot of legacy plasma settings in my .config) it was finally seamless.
From previous tries I already knew that the desktop feels WAY smoother (true 60 fps everywhere, specially for the video players in web browser).
Feels great so far, discord screen-sharing is not there but can be done from Firefox if needed so OK for me.
I hope this post will be informative for some like me who tried several time over the years and didn't had much hope.
PS : the cursor has a weirdly strong outline (too shiny to my taste) feels like unintended but not a big problem. I spent 30 mins in the options but couldn't find anything about that.
Thanks for your answer.
First I don't even grasp what a "service owner" is.
Second, for JS front-end openness there are already a bunch of app (web, android) that are open-source and secured. Everything has dependencies nowadays, this doesn't prevent good security. Think all the python app and their dependencies, rust, android... even c\c++ packages are built with dependencies and security updates are necessary (bash had security issues).
I think with JS scripts it's actually even easier to have good security because the app is ran in our web browser so the only possible attacker is the website we are visiting itself. If they are malicious then the close-sourced JS script is even worse. Unless you count 3rd party scripts embedded that bad dev uses in their website without even thinking about trusting them. That is also awful in both open or close source environment.
So even having imperfect security (which happens regardless to openness), who is the attacker here? I would rather run js script on my end if the code can be checked.