Tampermonkey® by Jan Biniok

Recent Changes

4.18.1
2022-11-13
If you encounter unreliable script injection after this update, then please check this FAQ entry.
General
Fix GM_unregisterMenuCommand
Fix GM.saveTab
Make @sandbox always default to raw
Make console methods enumerable again
Disable wrappedJSObject compatibility option by default
Internal rework and cleanup
Firefox
Fix variable access via unsafeWindow in JavaScript sandbox mode
Fix instant injection in combination with document-start scripts
Fix communication with external pages
Fix some CSP issues by injecting the script code earlier
Sync
Fix an issue that script updates were disabled on sync triggered change imports
4.18.0
2022-09-30
Chrome >= 71, Firefox >= 65
General
Experimental @sandbox support with possible values 'raw', 'JavaScript' and 'DOM'
  • 'raw' access means that a script for compatibility reasons always needs to run in page context. At the moment this mode is the default if @sandbox is omitted.
  • 'JavaScript' access mode means that this script needs unsafeWindow access. At Firefox a special context is created which should also bypass all remaining CSP issues. Execution in page context is used as fallback at other browsers.
  • 'DOM' access mode means that the script only needs DOM and no direct unsafeWindow access. If enabled these scripts are executed inside the extension context or at any other enabled context otherwise.
Add an option to configure available sandbox modes
Warning: Any option that enables 'DOM' mode is potentially unsecure. Userscripts that run in extension context have almost full extension permissions and can even modify and install new userscripts.
Remove document.addEventListener('DOMContentLoaded', ...) delayed event dispatching for document-start scripts executed later than the event
Remove toSource object prototype compat option
Allow GM_xhr streams to be canceled
Add GM_xhr.upload.onprogress support
Add some more entries to the download file extension whitelist
Add GM_download.details.conflictAction (works only in browser API mode)
Fix @resource SVG handling
Add some more editor shortcuts
Remove GM_setTab in favor of the documented GM_saveTab call
UI
Allow script tabs to be closed via middle mouse click
Add a close button to the header of some more dialogs
Fix script toggle element if darker theme is enabled
Locales
Add Macedonian translation | thanks to EntityPlantt
Add Hellenic (Greek) translation | thanks to panos78
Update Chinese (simplified) translation | thanks to iskandarma
Update Portuguese-Brazil translation | thanks to DavidBrazSan
Update Russian translation | thanks to vanja-san
Sync
Add an access token revoke button to some more cloud storage types
Note: make sure to sign out from the service first if you want to login with another account.
Show script sync log messages at the settings page
Dropbox: avoid upload of identical content
Firefox
Use userScript API to execute userscripts
Add container ID to GM_info
Fix script counter at file URLs
Fix sandbox window to have Object.prototype properties
Make GM_xhr multi-account container aware
4.17.6161
2022-04-25
General
Fix issues with heavily increased page loading time caused by some scripts or @requires
UI
Allow drag and drop inside the editor again
Firefox
Try to fix script loading issues caused by 'too much recursion'
Locales
Update Chinese (traditional) translation | thanks to SiderealArt
Update Italian translation | thanks to bovirus
Update Danish translation | thanks to will2022
4.16.6160
2022-04-04
Firefox
Fix iframe issues
General
Minor internal cleanup
Sandbox improvements
External @require and @resource content is not updated by default anymore unless the script was updated
Improved compatibility for userstyles installed as userscript
Add an option to control whether to bind GM API functions to the userscript's execution context and sandbox window (and do it by default only if necessary)
Details: Enabling this makes it very easy for a userscript to accidentally leak its granted powers to the page
Treat @include a little bit more like @match if :// is present and add an option to control @include's behavior
Details: Many script developers expect `@include *://tmnk.net/*` to match pages at `tmnk.net` only, but it also matches `https://example.com/?http://tmnk.net/`.
To improve this, @includes that contain a `://` are now interpreted a little bit different. Every `*` before `://` now only matches the URL scheme. Also, if `://` is directly followed by a `*` or a `/` somewhere, then the first `*` or all until `/` are applied to the hostname only.
Fix encoding of userscript file and URL imports
UI
Show script and external resources size in dashboard
Show last updated time as relative time if within 4 weeks or as absolute date otherwise
Fix darker theme quirk
Fix favicons with transparent background
Improve editor menu if advanced editor is disabled
Add a localStorage option to manually disable the linter worker if importScripts force reloads the page
4.15.6154
2022-03-01
Locales
Update Turkish translation | thanks to Tmp341
Update Japanese translation | thanks to shirayuki
Update Portuguese-Brazil translation | thanks to igorruckert
Update Chinese (simplified) translation | thanks to xiaopangju
Update Chinese (simplified) translation | thanks to dnknn
Update Hindi translation | thanks to Yash-Singh1
Update French translation | thanks to omerien
Update Italian translation | thanks to bovirus
Update Russian translation | thanks to wvxwxvw
Update Chinese (traditional) translation | thanks to ndbiaw and SiderealArt
General
Allow userscript installation via drag and drop to options page also in case local file access is disabled
Fix prototype confusion in sandbox mode
Fix GM_getValue and GM_xmlhttpRequest response prototype confusion
Fix GM_setValue and include enumerable array values of the prototype chain as well
Fix sandbox window to have Object prototype methods agin
Fix custom ESLint config
Add known globals to editor auto-suggestion again
Make @connect * work with requests to IPs and hostnames (like localhost) again
Allow GM_getValue to return undefined as value
Improve JavaScript scriptlet support via @unwrap tag
Fix GM_xmlhttpRequest to forward status and statusText in fetch mode once available
Fix some rare exceptions happening in the wild
Sandbox improvements
Make cloud service re-authentication without user intervention less disturbing
Use up to ES2022 for linting if supported by the browser
Update ESLint
Fix several issues with older browser versions
Fix cookies overwriting in anonymous GM_xmlhttpRequest mode
Add a global and a per script setting to choose whether to run in incognito tabs
Replace worker based image cache to avoid problems at some browsers
Fix some userscript injection issues
Add some more audio formats to the download file extension whitelist
Use higher resolution if Google's favicons service is used
Always log an error at the page console if a @require or @resource couldn't be loaded
Improve GM_xmlhttpRequest event timings and make response readable on request errors as well
Make GM_notification.highlight focus the window as well
Make trash configurable (on/off/session only)
Fix issues caused by extremely delayed setTimeout(..., 0) calls
Add MouseEvent/KeyboardEvent argument to GM_registerMenuCommand callbacks
Add a focus method to the return value of GM_openInTab
GM_xmlhttpRequest.responseType 'stream' support
Make import from URL support zip, JSON and plain userscript files
Show an internal notification in case of an available extension update only
Add more second level domains (for .tld)
WebDAV improvements
Fix opening of zero byte externals
Internal rework and cleanup
Fix sometimes failing access to response when GM_xmlhttpRequest.responseType is set to 'document'
UI
Fix script positioning via drag and drop
Decrease extension size by removing jQuery dependency
Shift key + mouse click based multi select
Validate @grant as well as header tags in general
Fix storage 'reload' button and add 'reset'
Fix ESLint to allow top-level await
Warn on userscript header entries that are not prefixed by exactly one space
Use eslint-plugin-userscripts to highlight userscript header issues
Show localized userscript name and description if available where possible
Dark mode improvements
Prefer an explicit set @name:en over @name
Update page title if script is renamed by save
Keep CRLF line endings on edit
Sync
Fix TamperDAV double sync issue
Add a button to force a sync
Fix unnecessary repeated exports
Trigger sync on move to trash
Firefox
Add GM_notification.highlight support
Fix 'promise out of scope' warning