Arch is not stable but it’s easy to fix issues arising from its rolling release nature. One of the ways is utilizing the AUR package downgrade for easy package version rollbacks. I should also note that the most common reason for Arch breaking is rarely ever because of the distro itself but because upstream has introduced breaking changes. You can see this when an upstream feature breaks in Arch, then Fedora picks up the same bug a few weeks/month later.
Arch is however the most solid distro I’ve ever used since I began using Linux many many moons ago.
One thing that is an Arch problem is that, if you do not update often enough, you can end up with outdated keys that prevent you from installing before packages. The solution is just to update the keyring before updating everything else but this is confusing for a new user and kind of dumb in my opinion. I feel like the system should do this for me.
Arch already does this. Could be that your install has the keyring refresh service disabled but I’ve had it enabled for a good while now and I’ve never encountered that outdated pacman keyring issue.
Arch breaks all the time. It has to because upstream is usually always changing so breakage is inevitable.
Though a person’s mileage on this may vary (less update frequency, less no. of programs etc.), the constant thing about rolling release is that breakages within software releases are to be expected.
You can set up your Arch with GRUB menu btrfs snapshots just like NixOS for convenient rollbacks. NixOS has too steep a learning curve, coming from someone who recently tried it and ended up being somewhat disappointed by it. NixOS sounds good on paper but in reality it is a long way from a mature product for desktop or general use.
As you mentioned Arch has AUR which packages just about anything and everything you could ever want in the future. And the Arch Wiki will never be “not relevant” so long as you are using Linux anywhere, the Arch Wiki is a handy reference.
I had always used Windows for the longest time. I used a certain cloud service and was impressed with how easy it was to manage services with docker. Fast forward a couple of years and I got a small mini-PC with Windows. I tried to install docker on it but Windows back then had no way of using Docker without virtualizing it with Hyper-V, a Pro feature. I thought let me give this another try. I tried to replicate the same setup with NSSM tools. It kinda worked eventually but it was a dirty hack at best and I did not like this solution.
I thought to myself, why would I pay Microsoft to use a feature I can use for free with Linux and get better performance while at it?
GNOME’s window sizing has always looked comical on my display. So I fix it with Orchis GTK compact theme. Also GSConnect is an irreplaceable utility for me.
I would say you are already secure enough if you are using software from official/trusted repositories and updating them on a regular basis.
That said, if you want extra security, drop all software that cannot run on Wayland and go even further by isolating all desktop applications with the Flatpak sandbox. This is made extremely easy with Flatseal. Maximum points if you set up Secure Boot.