I didn't know it handled them (I've never used Discover) but yeah they're not system packages so they will be OK too.
10 points to Gryffindor :)
with the GUI and toolset of Kubuntu
Not entirely, for example, Discover is only good for flatpaks in EndeavourOS.
Yeah. It's KDE, there's a setting for that.
She is getting her masters in nursing online so it def needs to be able to accommodate that
Is there any specialist software she needs, or is it browser based?
Some are very different to each other, Arch and Debian where the former is at the bleeding edge of software and the later is the most conservative distro out there. Some are very similar, Ubuntu and Kubuntu where they are the same distro with a different desktop environment and default software.
I rarely see any references to MX in Linux forums
That could be a testament to it's reliability.
The malicious packages were found and removed quite quickly. Also anyone who doesn't blindly install from the AUR would have seen a suspicious .lol url. I suppose that a genuine package using a .lol url isn't impossible, it's just very unlikely,
These attacks do demonstrate the strength and weakness of the AUR, that anyone can upload anything at any time. The same as flathub and the snap store. Treat all of them with appropriate caution.
I'm sorry, but the process is exactly the same. Pick one you've been recommended, pick one you like the look of, or pick one at random to try it. With pretty much every distro having a live environment, you don't need to install it to try it out. Hell, if you use distrosea, you don't even need to download it to try it. It's not rocket science, it's just that people are conditioned to think there shouldn't be choice in an operating system. I suppose it's fairer to say it's more like a car. See which ones you like the look of, try them out and make a decision.
OP is still a very new Linux user (if at all) that hammers on stability in every one of their posts.
Ah, I missed that nuance. In such a case, I always recommend one of the big three, Ubuntu, Mint, and Fedora. When they've been using that for long enough to know what they don't like about it, it's a good time to start exploring the wider ecosystem.
Even with Arch and Debian
Yeah, they've been around long enough that I'd be surprised if they vanished. I would add openSUSE and Slackware (even though it's a one man project) to that list. Of course Patrick Volkerding could get fed up with maintaining Slackware at any time.
And (often) comes with tons of support/discussion across the internet that will prove to be useful for the new user.
That can be a double-edged sword, especially if the distro has been around a long time. What the user finds can be out of date and now just plain wrong. Ubuntu definitely suffers with this.
Please feel free to provide other metrics that OP or others might appeal to.
Besides longevity and adoption, I would argue that whether it has new enough drivers and firmware to support your hardware is the most important metric out there. For example, if your hardware is newer, you should likely choose Fedora from the big three.
But RebbecaBlackOS still is.