Greasemonkey update brings important security changes
Firefox script manager Greasemonkey has been updated to version 2.0 with some important security tweaks.
The add-on now finally defaults to the unprivileged mode introduced in Greasemonkey 1.0, which means scripts must explicitly request the APIs they need with @grant. The developers say this shouldn’t pose a problem, as "many if not most or all scripts" work this way already, and the change won’t immediately affect installed scripts anyway. But if you then update, edit or reinstall a script which doesn’t follow the rules, it’ll probably break.
Elsewhere, new support for reading a meta.js file from any website should make it easier to detect and download script updates (although it’ll take some time before it’s widely used).
Firefox Sync support is now turned on by default, and shouldn’t display unnecessary prompts if a master password is set.
References and links to the broken and almost entirely useless userscripts.org will at last be ditched.
As we write, the Firefox add-on site is still displaying Greasemonkey 1.15. It should catch up soon, but if you can’t wait, try installing 2.0 beta 2 from the Development Channel section.