Welcome to this edition of Linux news in Q&A format. We dive into the biggest stories: the official standardisation of a Projects folder in home directories, Canonical's local-first AI push for Ubuntu, the surprise inclusion of Brave's ad-blocking engine in Firefox, and the latest releases of Ubuntu 26.04 LTS and Fedora 44. Plus, we explore the open-sourcing of Warp terminal and a critical PyPI security incident. Let's get into the details.
What is the new standard Projects folder in Linux home directories?
Linux distributions are now officially adopting a Projects folder alongside Documents, Music, Downloads, and other standard directories in the user's home. While many users have long created a ~/Projects directory manually, its inclusion in the XDG user directories specification means that applications can treat it as a default location for saving or opening project files. This change goes beyond a simple mkdir Projects – it enables consistent behaviour across the desktop environment. For example, a code editor could automatically point to the Projects folder when saving a new project, or version‑control tools could default to it for cloning repositories. The exact icon is yet to be revealed (the original text joked about it), but the move is a practical improvement for organising development work and other creative undertakings. It reduces fragmentation and makes Linux desktops more intuitive out of the box.
Why did Firefox 149 quietly ship Brave's ad-blocking engine, and is it enabled?
Mozilla’s Firefox 149 release included Brave’s open‑source adblock‑rust engine – a fast, privacy‑focused ad‑blocker written in Rust – without any mention in the official release notes. The feature is disabled by default and has no user interface; users must navigate to about:config and manually enable it. This move suggests Mozilla is experimenting with integrating a high‑performance ad‑blocking component, possibly as a step toward a future built‑in content‑blocking solution. Using Brave’s engine is notable because Brave is a competitor in the browser space, but the code is MIT‑licensed. Firefox users who want to test it can flip the relevant preference, but the silent addition has raised questions about transparency. Still, for many the decision underscores a broader trend of browsers adopting Rust‑based components for security and speed.
What are the key features of Ubuntu 26.04 LTS “Resolute Raccoon”?
Ubuntu 26.04 LTS, codenamed Resolute Raccoon, launched with significant updates: GNOME 50, Linux kernel 7.0, and a Wayland‑only session (X11 is no longer available). It introduces five new default applications, brings .deb packages back to the App Center, and includes post‑quantum cryptography out of the box for future‑proof security. The release is a Long Term Support version, meaning it will receive updates for five years (ten with Ubuntu Pro). Canonical also pushed its AI plans forward with local‑first, open‑weight models delivered via snaps – we discuss that below. The flavours – Kubuntu, Lubuntu, Xubuntu, and others – also received matching releases, each with their own desktop environment upgrades. For existing users, upgrading from 24.10 is possible, though a clean install is recommended for stability.
What’s new in Fedora 44 after its two‑week delay?
Fedora 44 arrived after a brief delay, powered by Linux 6.19 and featuring both GNOME 50 (on the Workstation edition) and KDE Plasma 6.6 (on the KDE spin). A major addition is NTSYNC, which improves performance for Windows games running through Wine/Proton by better synchronising NT kernel operations. The Games Lab spin has been completely refreshed with pre‑installed gaming tools. Other highlights include updated package versions across the board and improved hardware support. Fedora continues its tradition of offering cutting‑edge software while maintaining stability. Users on Fedora 43 can upgrade via the software centre or command line. For fresh installations, the installer (Anaconda) now handles disk encryption more seamlessly.
Why did the AI‑focused Warp terminal go open source, and what does that mean?
Warp, a modern terminal emulator that integrates AI features such as natural‑language command suggestions, announced it is now open source under a permissive licence. Previously a proprietary product, this shift allows the community to inspect, modify, and contribute to the codebase. The move is seen as a win for transparency and collaboration in developer tools. Warp’s AI capabilities – like explaining errors or generating commands from plain English – are built on local or cloud models, and open‑sourcing the client means users can audit how their data is handled. The company behind Warp, Warp Technologies, hopes that community involvement will accelerate bug fixes and feature development. For Linux developers, having an open‑source, AI‑enhanced terminal could become a compelling alternative to traditional terminals. The project is available on GitHub immediately.
How is Canonical bringing AI to Ubuntu, and why local‑first?
Canonical’s AI strategy for Ubuntu focuses on local‑first execution using open‑weight models delivered via Snap packages. Instead of forcing users to send data to cloud servers, models run on the user’s hardware, preserving privacy and enabling offline use. This approach aligns with growing demand for on‑device AI in desktops and servers. By packaging models as snaps, Canonical simplifies installation, updates, and dependency management. The models are openly licensed, meaning users (or enterprises) can inspect and fine‑tune them. The first wave includes tools for code completion, text generation, and system administration assistance. For example, an AI assistant could help troubleshoot errors or optimise configurations without sending sensitive logs externally. This local‑first model is a stark contrast to widespread cloud‑dependent AI services, and could make Ubuntu a attractive platform for privacy‑conscious users and regulated industries.
What happened with the elementary‑data package on PyPI, and how can users stay safe?
Attackers exploited a flaw in the GitHub Actions workflow of the elementary‑data project, allowing them to push a backdoored version to PyPI within ten minutes. The compromised package, version 0.23.3, contained malicious code that could exfiltrate credentials or execute arbitrary commands. Users who installed or updated that version are urged to revoke any tokens stored on the affected system and to audit for unusual activity. This incident highlights the risks of using CI/CD pipelines without strict access controls and the need for package integrity verification (e.g., checksums, signed tags). For Python developers, it’s a reminder to pin dependency versions, use PyPI’s built‑in security features like two‑factor authentication for package maintainers, and monitor repositories for unexpected releases. The elementary‑data maintainers have since fixed the workflow and removed the malicious version.