Tampermonkey® by Jan Biniok

Recent Changes

Introduced a permission editor for enhanced management of host permissions
Updated GM_download to make the name parameter optional and implemented extraction from the response headers
Removed use of deprecated DOMNodeInserted and MutationEvent events
Fixed an issue with the url property of GM_notification when no onclick listener is set
Updated GM_download to initiate downloads in parallel again
Resolved a failure when accessing xhr.responseXML of HTTP responses
No longer displaying script modification conflict warnings when there's no conflict
Resolved an issue with Instant Injection mode when a script requires a local file
Addressed problems related to script installation from certain Gitlab URLs
Removed warning about script updates being disabled upon script modification
Resolved multiple internal issues to prevent potential crashes
Corrected the functionality of window.showDirectoryPicker
Enhanced detection of new GreasyFork script URLs
Introduced id parameter in GM_registerMenuCommand to update existing commands
Added tag in GM_notification to overwrite existing notifications
Incorporated url property in GM_notification to open a new tab on click (can be cancelled by onClick event via preventDefault)
Notifications now automatically close when the userscript unloads and neither a url nor a tag was specified
Adjusted GM_download to prevent frequent triggering of onload
Refined version number parser to support ISO format dates
Note: As a result of this change, 1.0-0.3 is now considered a lower version number than 1.0
Overhauled aspects related to Instant Navigation
Accepted user-defined globals in ESLint configuration
Enhanced sandbox window addEventListener to support EventListenerObjects
Introduced a title option to GM_registerMenuCommand
Introduced feature to append script version number during disk save operations
Content-security-policy (CSP) directives are no longer relaxed by default
  • In Chrome, script injection should function as usual, but some userscripts may depend on a relaxed CSP
  • In Firefox, if the page CSP blocks injection, userscripts are now injected into a JavaScript-mode @sandbox, which may require cloneInto and friends for unsafeWindow property modification
  • The previous behavior can be reinstated by setting 'Modify existing content security policy (CSP) headers' to 'Yes'
  • This change aids in better adherence to the Mozilla add-on development policies
Locally modified scripts are not automatically updated, but can now be manually updated and confirmed for reversion
Introduced an option in GM_registerMenuCommand to prevent automatic closing of the popup on click
Corrected GM_xmlhttpRequest FormData key-value order
Adjusted ESLint to permit top-level await
Resolved BSD issue caused by incorrect getPlatformInfo response
Updated Italian translation | thanks to bovirus
Updated Portuguese-Brazil translation | thanks to igorruckert
Updated Danish translation | thanks to jhertel
Updated Chinese (simplified) translation | thanks to PaperStrike
Updated Russian translation | thanks to adem4ik
Updated Vietnamese translation | thanks to IoeCmcomc
Updated Japanese translation | thanks to maboroshin and shirayuki
Updated Japanese translation | thanks to shirayuki
Updated Russian translation | thanks to ACherepkov1989
Updated Turkish translation | thanks to selimsumlu
Updated Chinese (traditional) translation | thanks to 5idereal
Updated French translation | thanks to Juknum
Restored the application of custom CSS to installation pages
Fixed quirks in the darker theme
Repaired the 'Sync Now' button
Corrected the 'Save To Disk' button in the editor
Corrected 'replace all' functionality in code editor for certain strings
Enabled 'Sync Now' and 'Sync Reset' only after changes have been saved
Corrected script search badge mode to display accurate numbers
Implemented horizontal scrolling for tabs when the quantity exceeds the display limit
Search-as-you-type now consistently starts from the current position
Implemented anonymous requests for WebDAV to prevent overwriting of browser sessions
Fixed WebDAV-based sync in cases of unexpected existing folder structures
Reworked to reduce some authentication requests
Adjusted popup menu behavior when the page is viewed as a 'shortcut'
Eliminated warning message 'Tabs cannot be edited right now'
Chrome >= 71
Additional fixes related to document.write
Fix the active script count when an embedded frame is removed
Fix issues when document.write was called
Fix cookies response headers if GM_xhr.redirect is set to manual
Fix automatic detection mode of Add GM functions to this or window
Add GM_xhr.redirect option support with one of follow, error or manual as possible value
Remove GM_info.userAgent in favor of GM_info.userAgentData with all properties of NavigatorUAData and some "high entropy" values
Fix disappearing 'Yes' value of the 'Modify existing content security policy headers' option
Fix GM.download(url, name)
Add experimental GM_info.userAgent
Fix GM_setValue with binary content
Fix sometimes broken userscript link in stack trace
Allow cloud backups to be downloaded
ESLint updated to 8.32.0
Fix menu command listeners sometimes being executed multiple times
Fix GM_deleteValue to really delete values also in background
Make the storage editor show undefined values as well
Internal cleanup and rework for manifest v3
Internal rework and cleanup
Disable wrappedJSObject compatibility option by default
Fix GM_unregisterMenuCommand
Fix GM.saveTab
Make @sandbox always default to raw
Make console methods enumerable again
Fix @resource SVG handling
Allow GM_xhr streams to be canceled
Add some more entries to the download file extension whitelist
Add GM_download.details.conflictAction (works only in browser API mode)
Add GM_xhr.upload.onprogress support
Add .webp to the download whitelist
Add some more editor shortcuts
Experimental @sandbox support with possible values 'raw', 'JavaScript' and 'DOM'
  • 'raw' access means that a script for compatibility reasons always needs to run in page context. At the moment this mode is the default if @sandbox is omitted.
  • 'JavaScript' access mode means that this script needs unsafeWindow access. At Firefox a special context is created which should also bypass all remaining CSP issues. Execution in page context is used as fallback at other browsers.
  • 'DOM' access mode means that the script only needs DOM and no direct unsafeWindow access. If enabled these scripts are executed inside the extension context or at any other enabled context otherwise.
Add an option to configure available sandbox modes
Warning: Any option that enables 'DOM' mode is potentially unsecure. Userscripts that run in extension context have almost full extension permissions and can even modify and install new userscripts.
Remove document.addEventListener('DOMContentLoaded', ...) delayed event dispatching for document-start scripts executed later than the event
Remove toSource object prototype compat option
Fix issues with heavily increased page loading time caused by some scripts or @requires
Introducing Tam, your helpful assistant for getting started
Confirm script deletion in the dashboard if the trash is disabled
Show more site icons per script
Search editor as you type
Assure editor search results are scrolled in view
Improve visualization of blacklisted scripts
Allow script tabs to be closed via middle mouse click
Add a close button to the header of some more dialogs
Fix script toggle element if darker theme is enabled
Show script sync log messages at the settings page
Allow drag and drop inside the editor again
Fix active script count not being reset on tab reloads
Avoid showing a warning message at almost all tabs
Show a localized extension name to Chinese users
Update Italian translation | thanks to bovirus
Localize extension name and description
Update Japanese translation | thanks to shirayuki
Update Chinese (simplified) translation | thanks to gin3715
Update Russian translation | thanks to Tyemak
Add Macedonian translation | thanks to EntityPlantt
Add Hellenic (Greek) translation | thanks to panos78
Update Chinese (simplified) translation | thanks to iskandarma
Update Portuguese-Brazil translation | thanks to DavidBrazSan
Update Russian translation | thanks to vanja-san
Update Chinese (traditional) translation | thanks to SiderealArt
Update Danish translation | thanks to will2022
Make TamperDAV script change detection work regardless of boot order
When using WebDAV, add a trailing slash notation to collection names as suggested by the spec
Fix issues regarding enabling and disabling sync
Don't disable script updates on sync triggered change imports
Add an access token revoke button to some more cloud storage types
Note: make sure to sign out from the service first if you want to login with another account.
Dropbox: avoid upload of identical content
Support userscript editing at vscode.dev if the Tampermonkey Editors extension is installed
Minor internal cleanup
Sandbox improvements
External @require and @resource content is not updated by default anymore unless the script was updated
Improved compatibility for userstyles installed as userscript
Add an option to control whether to bind GM API functions to the userscript's execution context and sandbox window (and do it by default only if necessary)
Details: Enabling this makes it very easy for a userscript to accidentally leak its granted powers to the page
Treat @include a little bit more like @match if :// is present and add an option to control @include's behavior
Details: Many script developers expect @include *://tmnk.net/* to match pages at tmnk.net only, but it also matches https://example.com/?http://tmnk.net/.
To improve this, @includes that contain a :// are now interpreted a little bit different. Every * before :// now only matches the URL scheme. Also, if :// is directly followed by a * or a / somewhere, then the first * or all until / are applied to the hostname only.
Fix encoding of userscript file and URL imports
Show script and external resources size in dashboard
Show last updated time as relative time if within 4 weeks or as absolute date otherwise
Fix darker theme quirk
Fix favicons with transparent background
Improve editor menu if advanced editor is disabled
Add a localStorage option to manually disable the linter worker if importScripts force reloads the page
Update Turkish translation | thanks to Tmp341
Update Japanese translation | thanks to shirayuki
Update Portuguese-Brazil translation | thanks to igorruckert
Update Chinese (simplified) translation | thanks to xiaopangju
Update Chinese (simplified) translation | thanks to dnknn
Update Hindi translation | thanks to Yash-Singh1
Update French translation | thanks to omerien
Update Italian translation | thanks to bovirus
Update Russian translation | thanks to wvxwxvw
Update Chinese (traditional) translation | thanks to ndbiaw and SiderealArt
Allow userscript installation via drag and drop to options page also in case local file access is disabled
Fix prototype confusion in sandbox mode
Fix GM_getValue and GM_xmlhttpRequest response prototype confusion
Fix GM_setValue and include enumerable array values of the prototype chain as well
Fix sandbox window to have Object prototype methods agin
Fix custom ESLint config
Add known globals to editor auto-suggestion again
Make @connect * work with requests to IPs and hostnames (like localhost) again
Allow GM_getValue to return undefined as value
Improve JavaScript scriptlet support via @unwrap tag
Fix GM_xmlhttpRequest to forward status and statusText in fetch mode once available
Fix some rare exceptions happening in the wild
Sandbox improvements
Make cloud service re-authentication without user intervention less disturbing
Use up to ES2022 for linting if supported by the browser
Update ESLint
Fix several issues with older browser versions
Fix cookies overwriting in anonymous GM_xmlhttpRequest mode
Add a global and a per script setting to choose whether to run in incognito tabs
Replace worker based image cache to avoid problems at some browsers
Fix some userscript injection issues
Add some more audio formats to the download file extension whitelist
Use higher resolution if Google's favicons service is used
Always log an error at the page console if a @require or @resource couldn't be loaded
Improve GM_xmlhttpRequest event timings and make response readable on request errors as well
Make GM_notification.highlight focus the window as well
Make trash configurable (on/off/session only)
Fix issues caused by extremely delayed setTimeout(..., 0) calls
Add MouseEvent/KeyboardEvent argument to GM_registerMenuCommand callbacks
Add a focus method to the return value of GM_openInTab
GM_xmlhttpRequest.responseType 'stream' support
Make import from URL support zip, JSON and plain userscript files
Show an internal notification in case of an available extension update only
Add more second level domains (for .tld)
WebDAV improvements
Fix opening of zero byte externals
Internal rework and cleanup
Fix script positioning via drag and drop
Decrease extension size by removing jQuery dependency
Shift key + mouse click based multi select
Validate @grant as well as header tags in general
Fix storage 'reload' button and add 'reset'
Fix ESLint to allow top-level await
Warn on userscript header entries that are not prefixed by exactly one space
Use eslint-plugin-userscripts to highlight userscript header issues
Show localized userscript name and description if available where possible
Dark mode improvements
Prefer an explicit set @name:en over @name
Update page title if script is renamed by save
Keep CRLF line endings on edit
Improve scrollbar layout in dark mode
Fix TamperDAV double sync issue
Add a button to force a sync
Fix unnecessary repeated exports
Trigger sync on move to trash
Userscript Search integration
(search on popup menu entry click, on popup menu open or always)
Improve topbar announcements to not hide existing messages
@antifeature support
Add Userscript menu commands to the page's context menu
`@run-at context-menu scripts now require a @include or @match statement (like all other scripts)
Speed up extension storage operations
Sandbox fixes
Speed up injection
Speed up and fix handling of large GM_xmlhttpRequest responses
GM_xmlhttpRequest data might be available at readyState 3 now
Fix GM_download calls in non-native mode if executed too quickly one after the other
Add option whether to import script data and/or externals
Fix SHA-256 calculation for sub-resource integration (SRI) check of some files
Fix GM_xmlhttpRequest authentication via user and password (including fetch mode)
Fix a continuing script execution problem of scripts running on browser start
Fix GM_notification sometimes not using the given image
Fix a sandbox issue which caused DOMContentLoaded being fired after the load event
Fix GM_setStyle/GM_addElement of document-start scripts in case of very early script execution
Update CodeMirror editor to version 5.58.2
Update JSZip to 3.5.0
Fix linting issues
Add script trash
Add script removal entry to popup menu
Improve search bar to not hide script content
Add option to automatically highlight selected or hovered words
Fix the 'Find Next' button after search was opened
Fix flashing layout shift if an @include's favicon can't be loaded
Fix tab layout issue at very high zoom-levels at MacOS and Windows
Add a default @icon tag showing the domain's favicon if a URL is available
Add an option to add the current domain to the blacklisted pages list
Add a reload button to the script storage tab
Remember the last chosen cloud storage at the 'Utilities' tab
Make the 'Dashboard' item's alt action (Ctrl+Click, middle or right mouse click) open it with the current tab's URL as filter
Update darker theme | thanks to narcolepticinsomniac
Various improvements
Top-level await support
Allow experimental GM_addElement to operate on shadow DOM
Add Danish translation | thanks to will2022
Update Italian translation | thanks to bovirus
Update Japanese translation | thanks to shirayuki
Update Turkish translation | thanks to Tmp341
Update Portuguese-Brazil translation | thanks to igorruckert
Update Chinese (simplified) translation | thanks to xiaopangju
Update Chinese (traditional) translation | thanks to asthzh
Update Chinese (simplified) translation | thanks to ff98sha
Update Russian translation | thanks to wvxwxvw
Update Vietnamese translation | thanks to IoeCmcomc
Update Chinese (simplified) translation | thanks to CaveNightingale, Vstory and xiaopangju
Update Russian translation | thanks to vanja-san
Update French translation | thanks to omerien