A powerful, open-source userscript manager built on Chrome Manifest V3
Chrome Web Store • Features • Installation • Quick Start • Security • Contributing
See ROADMAP.md for planned work.
- ROADMAP.md - single source of truth for planned work (active queue + research-driven additions + Round 14 history).
- RESEARCH_FEATURE_PLAN.md - current comprehensive research-backed feature context; active checkboxes stay in ROADMAP.
- RESEARCH_REPORT.md - research and planning map.
- COMPLETED.md - completed-work navigator.
- CHANGELOG.md - shipped release ledger.
Full Greasemonkey/Tampermonkey API compatibility with promise-based GM.* async variants.
| Storage | Network | UI | Utilities |
|---|---|---|---|
GM_getValue |
GM_xmlhttpRequest |
GM_addStyle |
GM_info |
GM_setValue |
GM_download |
GM_notification |
GM_log |
GM_deleteValue |
GM_webRequest |
GM_registerMenuCommand |
GM_setClipboard |
GM_listValues |
GM_unregisterMenuCommand |
GM_openInTab |
|
GM_getValues |
GM_getMenuCommands |
GM_getResourceText |
|
GM_setValues |
GM_addElement |
GM_getResourceURL |
|
GM_deleteValues |
GM_head |
GM_loadScript |
GM_cookie |
GM_addValueChangeListener |
GM_audio |
GM_focusTab |
|
GM_removeValueChangeListener |
Plus GM_getTab, GM_saveTab, GM_getTabs for cross-tab state, window.close, window.focus, window.onurlchange grants, @top-level-await, @delay, and @nodownload support.
TypeScript userscripts can reference lib/scriptvault.d.ts for generated ambient declarations that match ScriptVault's GM API surface.
Scripts that need to re-run on soft navigation can grant window.onurlchange.
ScriptVault dispatches it for Navigation API route changes, history updates,
popstate, and hashchange without requiring an extra extension permission.
Keep handlers idempotent and re-check the DOM when the target app renders
asynchronously:
// ==UserScript==
// @grant window.onurlchange
// ==/UserScript==
function apply() {
// Rebind or refresh page-specific UI here.
}
window.addEventListener('urlchange', ({ url, oldUrl }) => {
apply();
});
apply();Most ScriptVault scripts run in the browser USER_SCRIPT world. That world is
separate from the page Trusted Types policy, so GM_addElement, GM_addStyle,
and normal DOM creation keep working on sites that enforce
require-trusted-types-for 'script'.
If a script intentionally switches to MAIN/page context or uses unsafeWindow,
the page policy applies. Avoid assigning raw strings to innerHTML,
outerHTML, script URLs, or inline event handlers there. Prefer textContent,
append, createElement, and GM_addElement with attributes. If the target
site requires a TrustedHTML object, use a policy approved by that site; do not
create a broad passthrough policy just to bypass CSP.
- Auto-detect installation — Navigate to any
.user.jsURL - One-click toggle — Enable/disable scripts individually or globally
- Auto-updates — Configurable update intervals that default to notify-only queued review
- Update inbox — Review pending updates with diff, permission, source, and rollback context before install
- Per-script update check — Check and queue updates for individual scripts inline
- Version tracking — Installed vs. available version comparison
- Tags & search — Organize and filter scripts by name, description, or metadata
- Popup quick-edit — Click any script in the toolbar popup to jump straight into the editor
- Find Scripts — Search and install userscripts from Greasy Fork and other sources directly in the dashboard
- Bulk operations — Select multiple scripts to enable, disable, update, reset, or delete with progress tracking
- Per-script export — Export individual scripts as
.user.jsfiles - Script templates — 6 starter templates (blank, page modifier, CSS injector, API interceptor, SPA script, cross-site request)
- Version rollback — Auto-saves last 3 versions on update; one-click rollback from info panel
- Storage quota monitor — Visual quota bar with warning when approaching Chrome's 10MB limit
- Tag filtering — Filter scripts by
@tagmetadata in the dashboard dropdown - Drag-and-drop install — Drop
.user.jsor.zipfiles onto the dashboard to install - Shift+click multi-select — Select ranges of scripts with Shift+click
- Library browser — Search and add CDN libraries (
@require) from cdnjs directly in the editor - Advanced filters — Filter scripts by grant type, error status, update URL, scope breadth, or tags
- Code snippets — Insert GM API templates directly from the editor toolbar
- Keyboard shortcuts — Ctrl+N new, Alt+1-7 switch tabs, Ctrl+W close tab, Ctrl+Tab cycle tabs
- Script pinning — Pin favorite scripts to the top of the list
- Pattern tester — Test any URL to see which scripts would run on it
- Activity log — Timestamped log of all installs, updates, and errors
- Script health — Visual indicators for scripts with errors or stale updates
- Tampermonkey import — Import from Tampermonkey's
.txtbackup format - Batch URL install — Paste multiple
.user.jsURLs to install at once - Script notes — Personal notes per script, saved with settings
- Script configuration — Userscript
@varfields render in per-script Settings and expose values throughCAT_userConfig,GM_config, andGM_info.script.config - Version diff view — Compare any previous version against current code
- Script folders — Organize scripts into color-coded folders with drag-and-drop
- Workspaces — Named snapshots of enabled/disabled script states for quick context switching
- Command palette — Ctrl+K to fuzzy-search actions, scripts, and settings
- Execution profiling — Per-script timing stats with color-coded performance badges
- Performance budgets — Configurable time budget per script with visual over-budget indicators
- Column visibility — Toggle which columns appear in the script table
- Full-text search — Prefix with
code:to search inside script source code - Copy install URL — One-click clipboard copy of script download/update URL
- Full
@match,@include,@exclude,@exclude-matchsupport - User overrides — Add custom match patterns without editing script code
- Per-pattern toggles — Disable individual original patterns per-script
- Glob and regex pattern support
ScriptVault has three independent layers for stopping scripts from running on a given site, all reachable from Settings (and the popup's "Run only on this domain" / "Do not run on this domain" quick actions):
| Layer | Behavior | Setting |
|---|---|---|
| Denied hosts | Block every script on listed hosts. Highest priority — overrides script @match patterns. |
deniedHosts (array of hostnames) |
| Blacklist mode (default) | Run scripts everywhere except on URLs listed in blacklistedPages (one per line, glob-style patterns). |
pageFilterMode: 'blacklist' + blacklistedPages |
| Whitelist mode | Run scripts only on URLs listed in whitelistedPages. Nothing else triggers a script. |
pageFilterMode: 'whitelist' + whitelistedPages |
Per-script @match/@include/@exclude still apply on top of these global gates. The popup chip flips a single domain in or out of the active list in one click.
Sync scripts across devices with 5 providers:
| Provider | Method |
|---|---|
| WebDAV | Self-hosted or any WebDAV server |
| Google Drive | OAuth2 integration |
| Dropbox | App folder sync |
| OneDrive | Microsoft account integration |
| S3-compatible | AWS S3, Cloudflare R2, MinIO, Backblaze B2, and other S3 endpoints |
Two additional zero-config flows ship as separate modules: Easy Cloud for one-click Google Drive sync via chrome.identity, and GitHub Gist import/export/sync via a personal access token.
- Monaco Editor — Same editor that powers VS Code, loaded in a sandboxed iframe
- Tabbed editing — Open multiple scripts simultaneously with browser-style tabs (middle-click to close)
- Unsaved indicators — Visual dot on tabs with pending changes
- 4 editor themes — Dark, Light, Catppuccin Mocha, OLED
- Status bar — Line count and cursor position display
- IntelliSense — Autocomplete for GM API functions and
@metadatadirectives - Code folding, bracket matching, bracket pair colorization, auto-close
- Search & replace (
Ctrl+F/Ctrl+H) - Real-time userscript metadata linting
- Code beautifier — One-click indentation normalization
- Snippet insert — 7 GM API code templates from the toolbar
- Open in vscode.dev for external editing
- Network inspector — View all GM_xmlhttpRequest + fetch/XHR/WebSocket/sendBeacon calls from userscripts
- Execution profiler — See run count, avg/total time, and errors per script
- HAR export — Export network log in standard HAR format
- Auto-refreshes every 3 seconds
- Persistent companion panel — Always visible alongside the active page (Chrome 114+)
- Shows scripts running on the current page with toggles, timing badges, and error dots
- Live updates on tab navigation
- Quick access to dashboard and script creation
- Cryptographic signing — Sign scripts with your Ed25519 keypair
- Signature verification — Verify integrity of installed scripts
- Trust store — Manage trusted author public keys
@signaturemetadata tag embedded in script header
- AST-based analyzer — 31 risk pattern detectors using Acorn parser
- Zero false positives — AST walk ignores comments and strings
- Risk scoring — Color-coded risk level (minimal/low/medium/high)
- Categories: execution, data access, network, fingerprinting, obfuscation, mining, DOM hijacking
- Shown on install page before script installation
- Script isolation —
USER_SCRIPTworld viachrome.userScriptsAPI, per-script worldId (Chrome 133+) - Static analysis — AST-based risk scoring with 31 pattern detectors on every install
- Script signing — Ed25519 cryptographic signatures with trust store
- Blacklist system — Remote + manual blacklists
- Permission analysis — Visual
@grantpermission breakdown on install @connectvalidation — Restrict XHR domains and block internal-host requests by default- SRI verification —
@requireURLs with#sha256=hash are verified after fetch - CSP handling — Works on sites with strict Content Security Policies
- Zero telemetry — No phone home, all data stays local
- ZIP — Full backup with scripts + settings
- JSON — Text-based backup
- File import — Drag and drop
.user.jsor.zipfiles anywhere on the dashboard - URL import — Install directly from any URL
- Clipboard import — Paste script code directly
Manifest and browser-facing extension messages are localized in 8 languages:
English • German • Spanish • French • Japanese • Portuguese • Russian • Chinese
The dashboard interface is currently English-only until a full DOM translation pass is wired.
Click to expand all v2.0 features (58 major features)
- Built-in Script Store — Search, browse, and install scripts from Greasy Fork directly in the dashboard
- OpenUserJS Integration — Additional script source alongside Greasy Fork
- Script Collections — Group scripts into installable bundles with 4 built-in packs
- Recommendations Panel — Heuristic script suggestions derived from installed scripts and Greasy Fork categories
- Script Sharing — QR code generation, data URL encoding, standalone HTML export
- Advanced Linter — Rule-driven
@grant/metadata linter with one-click auto-fix - Script Diff Tool — Side-by-side and unified diff with LCS algorithm and merge support
- Activity Heatmap — 365-day GitHub-style contribution grid
- Error Log — 500-entry structured log with JSON/CSV/text export
- CSP Compatibility Reporter — Track which sites block scripts with workaround suggestions
- Script Debugger — Per-script console capture, live reload, variable inspector, error timeline
- DevTools Network Panel — Capture of every GM_xmlhttpRequest plus fetch/XHR/WebSocket/sendBeacon call, with HAR export
- Visual Pattern Builder — Construct @match patterns by decomposing URLs
- 30+ Code Snippets — Searchable library across 8 categories with editor integration
- Custom Templates — Save/share script templates with variable substitution wizard
- Card View — Grid layout alternative with site favicons and status indicators
- 10 Theme Presets — Custom theme editor ships with Dark, Light, Catppuccin, OLED, Nord, Dracula, Solarized Dark, Solarized Light, Monokai, and Gruvbox starting points
- Custom Theme Editor — 21 CSS variable pickers with live preview and import/export
- Keyboard Navigation — Full keyboard-first nav with optional Vim keybindings
- What's New Modal — Changelog shown once per version update
- Gamification — Achievements, streaks, user levels, shareable profile cards
- Zero-Config Cloud Sync — One-click Google Drive sync via chrome.identity
- GitHub Gist Integration — Import/export/sync scripts with GitHub Gists
- Automated Backups — Scheduled daily/weekly backups with configurable retention
- Multi-Profile Support — Different script configurations for different contexts
- Violentmonkey/Greasemonkey Import — Import from VM JSON and GM4 backup formats
- UserStyles/CSS Support —
.user.cssfiles with variable editor, Stylus import - Script Chaining — Visual pipeline builder for sequential script execution
- npm Package Resolution —
@require npm:lodashwith CDN fallback chain - Script Scheduling — Time/day/date-based execution with visual picker
- Public Extension API — External message API with rate limiting and webhooks
- Firefox Compatibility Layer — Polyfills for cross-browser v2.0 module support
- Lazy Module Loading — Dashboard loads 7 eager scripts, defers 30+ until needed
- Automatic Migration — Seamless v1.x → v2.0 data migration
- Storage Quota Manager — Auto-cleanup when approaching Chrome's 10MB limit
- 1100+ Vitest Tests — Coverage for parser, utilities, storage, update flows, UI modules, accessibility, and security boundaries
- JSDoc Type Annotations — @ts-check compatible on critical functions
- esbuild Build System — Modern bundler with minification and source maps
- Accessibility (WCAG 2.1 AA) — ARIA labels, focus trapping, high contrast, reduced motion
-
Clone or download this repository:
git clone https://github.com/SysAdminDoc/ScriptVault.git cd ScriptVault -
Open Chrome and navigate to
chrome://extensions -
Enable Developer mode (toggle in top right), then click Load unpacked and select the repository folder.
-
Enable userscript execution for your Chrome version:
- Chrome 138+: Click ScriptVault's Details button and enable Allow User Scripts.
- Chrome 120-137: Keep the global Developer mode toggle enabled.
If the toggle is off, the popup and dashboard show a setup banner. After enabling the required toggle, reopen the popup or click Refresh in dashboard runtime diagnostics; ScriptVault re-probes chrome.userScripts and configures the USER_SCRIPT world without requiring a browser restart. If Chrome keeps the API unavailable in the current extension context, use the Reload button on ScriptVault's chrome://extensions details page and refresh status again.
Install ScriptVault from the Chrome Web Store
Firefox is still a validation target, not a published AMO listing. The current package targets Firefox 140+ desktop and produces AMO-ready artifacts:
npm run firefox:package
npm run smoke:firefoxArtifacts are written to firefox-artifacts/: the Firefox package ZIP, a source-review ZIP, and web-ext-lint.json. The package gate currently passes with 0 linter errors and 0 notices. npm run smoke:firefox uses geckodriver plus Firefox Developer Edition/Nightly 140+ to temporary-install the package, open the dashboard and popup, save/toggle a smoke userscript, verify it runs on a local target page, validate DNR dynamic-rule add/remove, verify @require SRI at packaged-runtime registration, exercise Ed25519 signing/verification, validate WebDAV sync against a local fixture, import Chrome-shaped JSON/ZIP backup fixtures, import a 26-script quota fixture, and verify trash restore after a profile-backed Firefox restart. Monaco is omitted from the Firefox package until the dedicated editor-loading pass lands, so the editor falls back to the textarea adapter; OAuth cloud providers are deferred because Firefox does not support identity as an optional permission.
Last generated: 2026-06-06 with npm run support:matrix. Version source: manifest.json / manifest-firefox.json 3.11.0.
| Browser | Support level | Tested version / target | Last successful verification | Verification evidence | Unsupported or deferred APIs |
|---|---|---|---|---|---|
| Chrome / Chromium | Tier 1 published target | Chrome 130+ MV3 | 2026-06-06 | npm run smoke:dashboard, npm run cws:check, Chrome ZIP packaging in CI |
Chrome 138+ requires per-extension Allow User Scripts; current-site recovery uses Chrome 133+ permissions.addHostAccessRequest when available and falls back to permissions.request({ origins }); per-script worldId is Chrome 133+ and feature-gated |
| Microsoft Edge | Tier 1 compatible package; Partner Center publication manual | Edge 130+ Chromium MV3 package | 2026-06-06 Edge sideload smoke passed; package/report generated | npm run build:edge:check, edge-artifacts/scriptvault-edge-v3.11.0.zip, edge-artifacts/edge-build-3.11.0.json, npm run smoke:edge, docs/audit/edge-smoke-3.11.0.json; CI uploads edge-artifacts/* |
Manual Partner Center upload remains required until a live Edge Add-ons listing exists; Microsoft Edge Add-ons REST update automation is deferred until listing identifiers and publisher credentials are provisioned; Dedicated local Edge sideload smoke passed on Edg/146.0.3856.97; dashboard, popup, userScripts toggle, save/toggle, and local target execution were verified |
| Firefox Desktop | AMO validation target, not a published listing | Firefox 140.0+ MV3 | 2026-06-06 | npm run firefox:package, npm run smoke:firefox; web-ext lint 0 errors / 0 notices / 144 warnings |
sidePanel, offscreen, identity OAuth, and some userScripts.execute flows are unsupported/deferred; host grant/revoke diagnostics listen to permissions events; Firefox package omits Monaco until the Firefox editor-loading pass |
| Firefox for Android | Deferred; not an AMO compatibility target | No current gecko_android manifest target |
2026-06-06 | manifest-firefox.json intentionally omits gecko_android until an Android smoke gate exists |
Android UI/runtime, extension-action overlay, host-permission, import/export, and WebDAV paths are unverified |
| Brave / Vivaldi / Opera / Arc | Chromium derivative watchlist | Chrome 130+ package may load | Not release-verified | No CI smoke or store package for these browsers | Store policy, shields/sidebar behavior, and extension UI chrome are unverified |
| Orion / Safari | Not supported | Not a current target | Not verified | No build, smoke, or package path | Requires separate WebKit/Orion validation and likely native Safari extension work |
ScriptVault has broad extension permissions because it is a userscript manager: users can install scripts for user-chosen sites, run them in the browser USER_SCRIPT world, sync backups through configured providers, and expose script APIs such as GM_download, GM_xmlhttpRequest, clipboard, and tab helpers. The reviewer-facing permission justifications live in docs/store-listing-copy.md, the CWS remote-code review memo lives in docs/cws-remote-code-compliance.md, and the privacy policy keeps the same manifest inventory in PRIVACY.md.
Before release, run:
npm run store-copy:check
npm run cws:remote-code:checkThese checks compare manifest.json and manifest-firefox.json against the privacy policy, store copy, release runbook, package scripts, CI, and the CWS remote-code scanner so a new permission or remote-code-capable path cannot ship without matching reviewer evidence.
| Method | Steps |
|---|---|
| Direct URL | Navigate to any .user.js URL — ScriptVault auto-detects it |
| Find Scripts | Dashboard → click Find Scripts → search → one-click install |
| File drop | Drag and drop a .user.js file onto the dashboard |
| Dashboard import | Dashboard → Utilities → paste URL or code → Import |
| Create new | Dashboard → click + → write script → Ctrl+S |
| Action | How |
|---|---|
| Toggle | Click the switch next to any script |
| Edit | Click the script name — opens in a tab (multiple scripts at once) |
| Update | Click the refresh icon on any script to check for updates |
| Export | Click the download icon to export a single script |
| Delete | Click the trash icon |
| View storage | Click the database icon to inspect GM_getValue data |
| Bulk actions | Select multiple scripts via checkboxes → choose action from dropdown |
| Shortcut | Action |
|---|---|
Alt+Shift+S |
Open ScriptVault popup |
Alt+Shift+D |
Open Dashboard |
Alt+Shift+E |
Toggle all scripts on/off |
Ctrl+S |
Save script (in editor) |
Ctrl+F |
Find in editor |
Ctrl+H |
Find and replace |
Ctrl+G |
Go to line |
Type sv followed by a script name (or tag) in the browser's address bar
to fuzzy-search your installed scripts. Press Enter on a suggestion to open
that script in the dashboard editor.
// ==UserScript==
// @name Script Name
// @namespace https://example.com
// @version 1.0.0
// @description What the script does
// @author Your Name
// @match https://example.com/*
// @include http://example.org/*
// @exclude *://example.com/private/*
// @exclude-match *://admin.example.com/*
// @grant GM_getValue
// @grant GM_setValue
// @grant GM_xmlhttpRequest
// @require https://code.jquery.com/jquery-3.6.0.min.js
// @resource myCSS https://example.com/style.css
// @icon https://example.com/icon.png
// @run-at document-end
// @connect api.example.com
// @downloadURL https://example.com/script.user.js
// @updateURL https://example.com/script.meta.js
// @supportURL https://github.com/user/repo/issues
// @homepageURL https://github.com/user/repo
// @license MIT
// @antifeature tracking Analytics beacon
// @tag productivity
// @priority 10
// @inject-into auto
// @compatible chrome
// @incompatible firefox Needs polyfill
// @contributionURL https://example.com/donate
// @webRequest {"selector":"*ad*","action":"cancel"}
// @top-level-await
// ==/UserScript==| Value | Timing |
|---|---|
document-start |
Before DOM loads |
document-body |
When <body> exists |
document-end |
When DOM is complete (default) |
document-idle |
When page is fully loaded |
context-menu |
On right-click context menu |
| Layer | Protection |
|---|---|
| Script isolation | Scripts run in isolated USER_SCRIPT world via chrome.userScripts API |
| Permission transparency | Installation page shows all requested @grant permissions |
| Network restrictions | @connect domains and internal-host redirects are validated before XHR response bodies are read |
| Blacklist protection | Remote + manual blacklists block known malicious scripts |
| Zero telemetry | No data collection, no phone home — everything stays local |
| Feature | ScriptVault | Tampermonkey | ViolentMonkey |
|---|---|---|---|
| Manifest V3 | Yes | Yes | Yes |
| Full GM API (35+) | Yes | Yes | Yes |
| Monaco Editor (VS Code) | Yes | No | No |
| DevTools Panel | Yes | No | No |
| Side Panel | Yes | No | No |
| Script Signing (Ed25519) | Yes | No | No |
| AST Static Analysis (31 detectors) | Yes | No | No |
| Cloud Sync (WebDAV, Google Drive, Dropbox, OneDrive, S3) | Yes | Yes | Yes |
| 3-Way Sync Merge | Yes | No | No |
| Tabbed Multi-Script Editor | Yes | No | No |
| Built-in Script Search | Yes | No | No |
| Script Templates | 6 | No | No |
| Version Rollback | Yes (3) | No | No |
| CDN Library Browser | Yes | No | No |
| Workspaces | Yes | No | No |
| Script Folders | Yes | No | No |
| Command Palette (Ctrl+K) | Yes | No | No |
| Drag-and-Drop Install | Yes | Yes | No |
| Tag Filtering | Yes | No | No |
| Script Pinning | Yes | No | No |
| Pattern Tester | Yes | No | No |
| Version Diff View | Yes | No | No |
| Network Request Log + HAR | Yes | No | No |
| Execution Profiling | Yes | No | No |
| Performance Budgets | Yes | No | No |
| Storage Quota Monitor | Yes | No | No |
| Bulk Operations w/ Progress | Yes | Yes | No |
| 4 UI Themes | Yes | No | Yes |
| Open Source | MIT | No | Yes |
| Free | Yes | Freemium | Yes |
ScriptVault/
├── manifest.json # Chrome MV3 manifest
├── manifest-firefox.json # Firefox MV3 manifest
├── esbuild.config.mjs # Cross-platform build pipeline
├── playwright.config.mjs # Playwright E2E flow suite
├── .env.example # Safe template for Chrome Web Store publishing credentials
├── background.js # Service worker (built from source modules)
├── background.core.js # Main service worker logic (~5500 lines)
├── content.js # Content script bridge (USER_SCRIPT <-> background)
├── offscreen.html/js # Offscreen document (AST analysis, 3-way merge)
├── build.sh # Packages CWS-ready ZIP
├── bg/
│ ├── analyzer.js # AST-based static analysis engine
│ ├── netlog.js # Network request logger
│ ├── signing.js # Ed25519 script signing
│ └── workspaces.js # Workspace state manager
├── modules/
│ ├── storage.js # Settings, scripts, values, folders
│ ├── sync-providers.js # WebDAV, Google Drive, Dropbox, OneDrive
│ ├── resources.js # @resource/@require cache
│ ├── xhr.js # XHR abort tracking
│ └── i18n.js # Inline translations (8 languages)
├── shared/
│ └── utils.js # escapeHtml, generateId, sanitizeUrl, formatBytes
├── pages/
│ ├── dashboard.html/js # Main dashboard + Monaco editor (~5000 lines)
│ ├── popup.html/js # Toolbar popup
│ ├── install.html/js # Script installation page
│ ├── sidepanel.html/js # Persistent side panel (Chrome 114+)
│ ├── devtools.html # DevTools registration
│ ├── devtools-panel.html/js # DevTools network + profiling UI
│ ├── editor-sandbox.html # Sandboxed Monaco editor iframe
│ └── monaco-adapter.js # CodeMirror-to-Monaco API bridge
├── lib/
│ ├── codemirror/ # CodeMirror (lint only)
│ ├── scriptvault.d.ts # Generated GM API ambient declarations
│ ├── acorn.min.js # Acorn JS parser for AST analysis
│ ├── diff.min.js # diff.js for 3-way merge
│ └── fflate.js # ZIP compression
├── images/ # Extension icons
├── tests/e2e/ # Playwright install/update/restore/sync flows
└── _locales/ # 8 language translations
Contributions are welcome. Feel free to open a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/my-feature) - Commit your changes
- Push to the branch (
git push origin feature/my-feature) - Open a Pull Request
MIT License — see LICENSE for details.
- Tampermonkey — Setting the standard in userscript management
- ViolentMonkey — Manifest V3 inspiration
- Monaco Editor — The VS Code editor powering the script editor
- Acorn — JavaScript parser for AST-based static analysis
- jsdiff — Text diffing for 3-way sync merge
- fflate — Fast ZIP compression
ScriptVault v3.11.0
Your scripts, your rules — locked down and loaded