Recent Changes

It is necessary to enable developer mode to run userscripts via Tampermonkey now.
Instructions on how to enable it can be found here.

General

Fixed sometimes missing progress events when using GM_download and GM_xmlhttpRequest

Fixed response text encoding of fetch-based, non-utf8 GM_xmlhttpRequests

Reworked the storage implementation

Fixed an issue with downloading large data: URIs

Added Blob and File download capabilities to GM_download

Made some more strings translatable (unit, editor commands)

Sync

Enhanced OneDrive sync by adopting a standardized URL for file listings

General

Reworked the sandbox console to make its properties configurable

Fixed onurlchange so it fires on hash changes triggered by pushState

Added support for sending ArrayBuffer and UInt8Array objects via GM_xmlhttpRequest

Added the $DATETIME$ variable for use in script templates

Fixed the "Message length exceeded" error during script updates

Fixed forced action menu updates

Reworked the UI to better distinguish between scripts that are disabled and those that are enabled but not executed

Locales

Updated Italian translation | thanks to bovirus

Updated Portuguese-Brazil translation | thanks to igorruckert

Updated Japanese translation | thanks to shirayuki

Updated Vietnamese translation | thanks to IoeCmcomc

Microsoft Edge

Allow coorporate pages ^{(like GreasyFork)} to detect Tampermonkey even when developer mode is not enabled

General

Fixed the configuration of script positions via drop down menu

Setting sandboxed window.location now navigates via background context

Fix GM.cookie.list() to resolve also if called without an argument

Allow GreasyFork's install button to update correctly after moving a script to the trash

General

Fixed issue with listening for menu command access keys

Resolved issue where GM_registerMenuCommand entries reappeared until clicked

Fix relative externals in @require and @resource

Locales

Updated Ukrainian translation | thanks to click0

General

Resolved issues with protocol-relative URLs in GM_xmlhttpRequest

Ensured GM_xmlhttpRequest retains specified request headers during redirects

Resolved issue with back navigation on the intermediate script installation page

Resolved issues with cloud functions on the options page

Corrected the sorting of menu commands after updates

Added @run-in support

Added a setting to control whether GM_cookie should be able to access HttpOnly cookies

Fixed sometimes wrong GM_xmlhttpRequest response header separator

Fixed saving of checkbox and text inputs via the save button

Fixed opening menus at the popup by clicking the name

Added a button to disable script updates at the update dialog

Microsoft Edge

Fixed @noframes support in dynamic userScripts mode

Locales

Updated Portuguese-Brazil translation | thanks to igorruckert

Updated Italian translation | thanks to bovirus

General

Added button to force update externals

Fixed header-derived filenames in GM_download

Fixed occasional incorrect response headers in GM_xmlhttpRequest

Added multi-value support for storage methods

Fixed GM_xmlhttpRequest.finalUrl to include hash components again

Microsoft Edge

Resolved additional MV3 GM_xmlhttpRequest issues

Sync

Fixed synchronization issues with WebDAV

General

Tag support

Reworked counting of executed script instances

Enhanced back/forward cache navigation handling

Improved editor search functionality

Fixed code selection near the top and bottom of the editor

Fixed editor height issue in mobile views

Microsoft Edge

Fixed disabling Tampermonkey in dynamic userScripts mode

Fixed auto page reload functionality in dynamic userScripts mode

Resolved issues with external page connectability being intermittently unavailable

Addressed occasional failures in script registration in userScript dynamic mode

Streamlined the script installation process for a smoother experience

Locales

Updated Ukrainian translation | thanks to Postrediori

General

Fixed an GM_registerMenuCommand issue with non-letter accessKeys

Fixed another GM_xmlhttpRequest cookie issue

Microsoft Edge

Fixed an GM_xmlhttpRequest issues with non-ASCII header values

Fixed an issue that made some local file URLs inaccessible

Microsoft Edge

Fixed support for script installation via drag-and-drop in any browser tab

Speeded up UserScripts Dynamic Mode to support real document_start

Made @sandbox DOM mode work again

General

Fixed another GM_xmlhttpRequest cookie issue

General

Fixed another GM_xmlhttpRequest cookie issue

Fixed several GM_xmlhttpRequest cookie issues

Fixed storage change listeners after clicking a download link

Fixed issues with GM_registerMenuCommand if the command was registered multiple times (e.g. from different frames)

Enabled GM_cookie for all versions (HttpOnly cookie access still only at the beta versions)

Added partitionKey support to GM_cookie

Added cookiePartition support to GM_xmlhttpRequest

Added a warning message when a script without @include and @match entry is saved the first time

Locales

Updated Italian translation | thanks to bovirus

Updated Japanese translation | thanks to shirayuki

Updated Portuguese-Brazil translation | thanks to igorruckert

Microsoft Edge

Switched to Manifest V3

Show an error icon at scripts without any @include and @match entry

MV3

Improved script installation to not download the script content in parallel anymore
Note: you can restore the old behavior, by changing Userscript URL detection to Legacy

Known Issues

GM_webRequest is not (yet) supported in Manifest V3

GM_xmlhttpRequest fires only one progress event (you can use responseType stream for now)

In UserScript API Dynamic mode scripts that are using a RegExp @require cause overhead by being injected into every frame

Script installation is kind of clumsy because the script content is downloaded in parallel

General

Introduced a permission editor for enhanced management of host permissions

Updated GM_download to make the name parameter optional and implemented extraction from the response headers

Removed use of deprecated DOMNodeInserted and MutationEvent events

Fixed an issue with the url property of GM_notification when no onclick listener is set

Updated GM_download to initiate downloads in parallel again

Resolved a failure when accessing xhr.responseXML of HTTP responses

Locales

Updated Italian translation | thanks to bovirus

Updated Portuguese-Brazil translation | thanks to igorruckert

Updated Danish translation | thanks to jhertel

Updated Chinese (simplified) translation | thanks to PaperStrike

Restored the application of custom CSS to installation pages

Fixed quirks in the darker theme

Repaired the 'Sync Now' button

Corrected the 'Save To Disk' button in the editor

Sync

Implemented anonymous requests for WebDAV to prevent overwriting of browser sessions

Fixed WebDAV-based sync in cases of unexpected existing folder structures

Reworked to reduce some authentication requests

General

No longer displaying script modification conflict warnings when there's no conflict

Resolved an issue with Instant Injection mode when a script requires a local file

Addressed problems related to script installation from certain Gitlab URLs

Removed warning about script updates being disabled upon script modification

Locales

Updated Russian translation | thanks to adem4ik

Updated Vietnamese translation | thanks to IoeCmcomc

Updated Japanese translation | thanks to maboroshin and shirayuki

Updated Italian translation | thanks to bovirus

Corrected 'replace all' functionality in code editor for certain strings

General

Resolved multiple internal issues to prevent potential crashes

Corrected the functionality of window.showDirectoryPicker

Enhanced detection of new GreasyFork script URLs

Introduced id parameter in GM_registerMenuCommand to update existing commands

Added tag in GM_notification to overwrite existing notifications

Incorporated url property in GM_notification to open a new tab on click (can be cancelled by onClick event via preventDefault)

Notifications now automatically close when the userscript unloads and neither a url nor a tag was specified

Adjusted GM_download to prevent frequent triggering of onload

Refined version number parser to support ISO format dates
Note: As a result of this change, 1.0-0.3 is now considered a lower version number than 1.0

Overhauled aspects related to Instant Navigation

Accepted user-defined globals in ESLint configuration

Enhanced sandbox window addEventListener to support EventListenerObjects

Enabled 'Sync Now' and 'Sync Reset' only after changes have been saved

Corrected script search badge mode to display accurate numbers

General

Introduced a title option to GM_registerMenuCommand

Introduced feature to append script version number during disk save operations

Content-security-policy (CSP) directives are no longer relaxed by default
Notes:

In Chrome, script injection should function as usual, but some userscripts may depend on a relaxed CSP
In Firefox, if the page CSP blocks injection, userscripts are now injected into a JavaScript-mode @sandbox, which may require cloneInto and friends for unsafeWindow property modification
The previous behavior can be reinstated by setting 'Modify existing content security policy (CSP) headers' to 'Yes'
This change aids in better adherence to the Mozilla add-on development policies

Locally modified scripts are not automatically updated, but can now be manually updated and confirmed for reversion

Introduced an option in GM_registerMenuCommand to prevent automatic closing of the popup on click

Corrected GM_xmlhttpRequest FormData key-value order

Adjusted ESLint to permit top-level await

Resolved BSD issue caused by incorrect getPlatformInfo response

Regression

Resolved an issue with opening tabs from extension pages

Locales

Updated Italian translation | thanks to bovirus

Updated Portuguese-Brazil translation | thanks to igorruckert

Updated Japanese translation | thanks to shirayuki

Updated Russian translation | thanks to ACherepkov1989

Updated Turkish translation | thanks to selimsumlu

Updated Chinese (traditional) translation | thanks to 5idereal

Updated French translation | thanks to Juknum

Implemented horizontal scrolling for tabs when the quantity exceeds the display limit

Search-as-you-type now consistently starts from the current position

General

Additional fixes related to document.write

Fix the active script count when an embedded frame is removed

Fix issues when document.write was called

Fix cookies response headers if GM_xhr.redirect is set to manual

Introducing Tam, your helpful assistant for getting started

Confirm script deletion in the dashboard if the trash is disabled

Locales

Show a localized extension name to Chinese users

Update Italian translation | thanks to bovirus

Sync

Make TamperDAV script change detection work regardless of boot order

When using WebDAV, add a trailing slash notation to collection names as suggested by the spec

Fix issues regarding enabling and disabling sync

General

Fix automatic detection mode of Add GM functions to this or window

Add GM_xhr.redirect option support with one of follow, error or manual as possible value

Remove GM_info.userAgent in favor of GM_info.userAgentData with all properties of NavigatorUAData and some "high entropy" values

Fix disappearing 'Yes' value of the 'Modify existing content security policy headers' option

Fix GM.download(url, name)

Add experimental GM_info.userAgent

Show more site icons per script

Search editor as you type

Assure editor search results are scrolled in view

Locales

Localize extension name and description

General

Fix GM_setValue with binary content

Fix sometimes broken userscript link in stack trace

Allow cloud backups to be downloaded

ESLint updated to 8.32.0

Fix menu command listeners sometimes being executed multiple times

Fix GM_deleteValue to really delete values also in background

Make the storage editor show undefined values as well

Internal cleanup and rework for manifest v3

Locales

Update Italian translation | thanks to bovirus

Update Japanese translation | thanks to shirayuki

Update Chinese (simplified) translation | thanks to gin3715

Update Russian translation | thanks to Tyemak

Experimental

Support userscript editing at vscode.dev if the Tampermonkey Editors extension is installed

General

Internal rework and cleanup

Disable wrappedJSObject compatibility option by default

Fix GM_unregisterMenuCommand

Fix GM.saveTab

Make @sandbox always default to raw

Make console methods enumerable again

Improve visualization of blacklisted scripts

Sync

Don't disable script updates on sync triggered change imports

General

RC2

Fix @resource SVG handling

Allow script tabs to be closed via middle mouse click

Locales

Add Macedonian translation | thanks to EntityPlantt

General

RC1

Allow GM_xmlhttpRequestsstreams to be canceled

Add some more entries to the download file extension whitelist

Add GM_download.details.conflictAction (works only in browser API mode)

Add a close button to the header of some more dialogs

Sync

Add an access token revoke button to some more cloud storage types
Note: make sure to sign out from the service first if you want to login with another account.

General

Add GM_xmlhttpRequestsupload.onprogress support

Fix script toggle element if darker theme is enabled

Regression

Fix issues with some @requires

Fix sometimes not working script injection at Chrome after updating from 4.17.x

Fix execution of some scripts

Fix GM_addElement to set id properties correctly

Fix instant mode issues

Cleanup logging

General

Add .webp to the download whitelist

Add some more editor shortcuts

Experimental @sandbox support with possible values 'raw', 'JavaScript' and 'DOM'

'raw' access means that a script for compatibility reasons always needs to run in page context. At the moment this mode is the default if @sandbox is omitted.
'JavaScript' access mode means that this script needs unsafeWindow access. At Firefox a special context is created which should also bypass all remaining CSP issues. Execution in page context is used as fallback at other browsers.
'DOM' access mode means that the script only needs DOM and no direct unsafeWindow access. If enabled these scripts are executed inside the extension context or at any other enabled context otherwise.

Add an option to configure available sandbox modes
Warning: Any option that enables 'DOM' mode is potentially unsecure. Userscripts that run in extension context have almost full extension permissions and can even modify and install new userscripts.

Remove document.addEventListener('DOMContentLoaded', ...) delayed event dispatching for document-start scripts executed later than the event

Remove toSource object prototype compat option

Show script sync log messages at the settings page

Sync

Dropbox: avoid upload of identical content

Locales

Add Hellenic (Greek) translation | thanks to panos78

Update Chinese (simplified) translation | thanks to iskandarma

Update Portuguese-Brazil translation | thanks to DavidBrazSan

Update Russian translation | thanks to vanja-san

General

Fix issues with heavily increased page loading time caused by some scripts or @requires

Allow drag and drop inside the editor again

Locales

Update Chinese (traditional) translation | thanks to SiderealArt

Update Italian translation | thanks to bovirus

Update Danish translation | thanks to will2022

General

Minor internal cleanup

General

Sandbox improvements

External @require and @resource content is not updated by default anymore unless the script was updated

Show script and external resources size in dashboard

Show last updated time as relative time if within 4 weeks or as absolute date otherwise

General

Sandbox improvements

Improved compatibility for userstyles installed as userscript

Add an option to control whether to bind GM API functions to the userscript's execution context and sandbox window (and do it by default only if necessary)
Details: Enabling this makes it very easy for a userscript to accidentally leak its granted powers to the page

Treat @include a little bit more like @match if :// is present and add an option to control @include's behavior
Details: Many script developers expect @include *://tmnk.net/* to match pages at tmnk.net only, but it also matches https://example.com/?http://tmnk.net/.
To improve this, @includes that contain a :// are now interpreted a little bit different. Every * before :// now only matches the URL scheme. Also, if :// is directly followed by a * or a / somewhere, then the first * or all until / are applied to the hostname only.

Fix encoding of userscript file and URL imports

Fix darker theme quirk

Fix favicons with transparent background

Improve editor menu if advanced editor is disabled

Add a localStorage option to manually disable the linter worker if importScripts force reloads the page

Regression

Fix saving settings inside a section with a save button

Regression

Fix editor content search

Locales

Update Turkish translation | thanks to Tmp341

General

Allow userscript installation via drag and drop to options page also in case local file access is disabled

Fix prototype confusion in sandbox mode

Fix GM_getValue and GM_xmlhttpRequest response prototype confusion

Fix GM_setValue and include enumerable array values of the prototype chain as well

Fix sandbox window to have Object prototype methods agin

Fix custom ESLint config

Add known globals to editor auto-suggestion again

Make @connect * work with requests to IPs and hostnames (like localhost) again

Fix script positioning via drag and drop

Decrease extension size by removing jQuery dependency

General

Allow GM_getValue to return undefined as value

Improve JavaScript scriptlet support via @unwrap tag

Fix GM_xmlhttpRequest to forward status and statusText in fetch mode once available

Fix some rare exceptions happening in the wild

Sandbox improvements

Locales

Update Japanese translation | thanks to shirayuki

Update Portuguese-Brazil translation | thanks to igorruckert

Update Chinese (simplified) translation | thanks to xiaopangju

Regression

Fix unintentionally overwritten variable in @grant none mode

Microsoft Edge

Initial BETA release