In other words, executing JavaScript in the website's context, as opposed to the isolated context in which a content script runs, at `document_start`. How is this supposed to be done?
This is unarguably a popular use case, used by every userscript manager and many API blockers.
With manifest v2, this is usually done by first specifying content scripts to run at `document_start`, and creating a script element containing the JavaScript code to execute.
Now that manifest v3 has become a thing, I'm researching how this `document_start` userland injection can be done in this setting. However, none of the methods seems to be working.
- Attaching a script tag containing JS code as `textContent`
- Attaching a script tag with the `src` attribute set to a Blob URL
Both approaches fail due to the `script-src: self` CSP. I am not sure whether this behavior with Blob URLs even complies with the spec.
As I glanced over this group, it seems that a recommended approach is to create a script tag with `src` pointing to a `web_accessible_resources` entry, but when this approach is used, the page's inline scripts are executed first, so it is not a `document_start` injection.
I've read about the new `chrome.scripting` API, but it seems to be concerned only with injection into an isolated world.
So, is it the state of V3 now that there is no way to inject JS into userland at `document_start`? I thought Tampermonkey depends on this functionality. The TM author states here
https://github.com/Tampermonkey/tampermonkey/issues/644#issuecomment-742680842 that he is in contact with the Chromium devs and TM will continue to work. Am I missing something, or is it that the Chromium devs have told the TM dev about some upcoming new APIs that will make this possible?
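The manifest v2 technique described in the post, as an added example that is not part of the original post or of any extension's code. The function names, the `inject.js` file name and the payload are hypothetical; the post reports that this inline route is blocked by CSP under manifest v3.

```javascript
// Added example (hypothetical names). MV2 manifest entry assumed:
//   "content_scripts": [{ "matches": ["<all_urls>"],
//                         "js": ["inject.js"],
//                         "run_at": "document_start" }]

// Serialize a function and its arguments into source text that runs as an
// IIFE. Content scripts live in an isolated world, so closures cannot cross
// into the page: only the source text and JSON-serializable arguments do.
function toPageSource(fn, ...args) {
  const argList = args.map((a) => JSON.stringify(a)).join(", ");
  return `(${fn.toString()})(${argList});`;
}

// Attach an inline <script> so the code executes in the page's own JS world.
// At document_start <head> usually does not exist yet, so fall back to the
// root element. An inline script runs synchronously during insertion, which
// is why the element can be removed immediately afterwards.
function injectInline(doc, source) {
  const el = doc.createElement("script");
  el.textContent = source;
  const parent = doc.head || doc.documentElement;
  parent.appendChild(el);
  el.remove();
  return el;
}

// Constructed payload: runs in the page world and leaves a visible marker.
function pagePayload(marker) {
  window.__injectedMarker = marker;
}

// Only runs when loaded as a content script (a DOM is present).
if (typeof document !== "undefined") {
  injectInline(document, toPageSource(pagePayload, "from-extension"));
}
```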