v3.16.0
Deep engineering + product-quality audit pass.
Security
- GM networking bound to the authenticated caller. GM_xmlhttpRequest / GM_webSocket / GM_download, GM_getResourceText/URL, GM_loadScript, and menu register/unregister used the caller-supplied script id, letting one userscript borrow another's @connect allowlist or read its @resource bodies. All now use Chrome's unspoofable sender.userScriptId.
- Attribute-injection XSS in the dependency graph and other panels (quote-unescaping escapers) fixed.
Data safety
- Cloud sync no longer permanently re-deletes restored-from-trash scripts (the tombstone-resurrection guard was dead code).
- Trash restore persists the script before emptying the trash entry (no loss on a service-worker crash).
- Backup restore no longer wipes per-script settings (match rules, notes, tags, pin) of installed scripts.
Correctness
- Chrome no longer misdetected as Firefox — restores per-script world isolation on Chrome 133+ and the correct setup instructions.
- Editor no longer swallows the first keystroke after a tab switch; cursor Ln/Col updates instead of freezing.
- New Script / Duplicate / New Folder report failures instead of silently doing nothing.
- Storage meter measures real usage; Find Scripts pagination works again.
Full detail in CHANGELOG.md; ~13 additional verified findings are tracked in ROADMAP.md.