General
Experimental @sandbox support with possible values 'raw', 'JavaScript' and 'DOM'
- 'raw' access means that a script for compatibility reasons always needs to run in page context. At the moment this mode is the default if @sandbox is omitted.
- 'JavaScript' access mode means that this script needs unsafeWindow access. At Firefox a special context is created which should also bypass all remaining CSP issues. Execution in page context is used as fallback at other browsers.
- 'DOM' access mode means that the script only needs DOM and no direct unsafeWindow access. If enabled these scripts are executed inside the extension context or at any other enabled context otherwise.
Add an option to configure available sandbox modes
Warning: Any option that enables 'DOM' mode is potentially unsecure. Userscripts that run in extension context have almost full extension permissions and can even modify and install new userscripts.
Remove document.addEventListener('DOMContentLoaded', ...) delayed event dispatching for document-start scripts executed later than the event
Remove toSource object prototype compat option
Allow GM_xhr streams to be canceled
Add GM_xhr.upload.onprogress support
Add some more entries to the download file extension whitelist
Fix @resource SVG handling
Add some more editor shortcuts
Remove GM_setTab in favor of the documented GM_saveTab call
UI
Allow script tabs to be closed via middle mouse click
Add a close button to the header of some more dialogs
Fix script toggle element if darker theme is enabled
Locales
Add Hellenic (Greek) translation | thanks to panos78
Update Chinese (simplified) translation | thanks to iskandarma
Update Portuguese-Brazil translation | thanks to DavidBrazSan
Update Russian translation | thanks to vanja-san
Sync
Add an access token revoke button to some more cloud storage types
Note: make sure to sign out from the service first if you want to login with another account.
Show script sync log messages at the settings page
Dropbox: avoid upload of identical content