Thanks to visit codestin.com
Credit goes to github.com

Skip to content

v3.17.0

Latest

Choose a tag to compare

@SysAdminDoc SysAdminDoc released this 03 Jul 00:16

Trust enforcement, sync data-safety, and backup slimming.

Security

  • Subresource Integrity "Require" mode is now enforced — refuses to run any @require/@resource without a verifiable SRI hash; the install review flags every un-pinned dependency as "unverified remote code".
  • Scam / crypto-drain detector — flags wallet seed/private-key access, drainer keywords, and wallet transaction requests, with a high-severity "possible credential/wallet exfiltration" finding when a script harvests secrets and sends data off-page. Benign wallet-adjacent scripts aren't flagged.

Data safety

  • Cloud backup no longer clobbers the sync envelope (distinct object per provider) and encrypts under E2EE.
  • Easy Cloud sync received the merge fixes: restored-from-trash scripts survive, clean 3-way merges aren't discarded, correct 3-way base.
  • SettingsManager write-race fix — concurrent settings writes no longer drop a freshly refreshed OAuth token.

UX & storage

  • "Only on This Site" one-click scope in the popup + @match validation in the dashboard editor.
  • Backup blobs are gzip-compressed in IndexedDB (transparent, backward-compatible).

Full detail in CHANGELOG.md. Remaining roadmap items (on-device AI, optional host permissions, GM.fetch streaming, per-script cookie jars, git/local-folder sync) are larger bets deferred to dedicated sessions.