Skip to Content
About Mermaid

Last Updated: 3/7/2026

About Mermaid

Mermaid lets you create diagrams and visualizations using text and code.

It is a JavaScript based diagramming and charting tool that renders Markdown-inspired text definitions to create and modify diagrams dynamically.

If you are familiar with Markdown you should have no problem learning Mermaid’s Syntax.

Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. The main purpose of Mermaid is to help documentation catch up with development.

Doc-Rot is a Catch-22 that Mermaid helps to solve.

Diagramming and documentation costs precious developer time and gets outdated quickly. But not having diagrams or docs ruins productivity and hurts organizational learning.

Mermaid addresses this problem by enabling users to create easily modifiable diagrams, it can also be made part of production scripts (and other pieces of code).

Mermaid allows even non-programmers to easily create detailed and diagrams through the Mermaid Live Editor .

For a more detailed introduction to Mermaid and some of its more basic uses, look to the Beginner’s Guide and Usage documentation.

Diagram Types

Mermaid supports a wide variety of diagram types:

Flowchart

Sequence Diagram

Gantt Diagram

Class Diagram

Git Graph

Entity Relationship Diagram

User Journey Diagram

Quadrant Chart

XY Chart

Installation

CDN

https://cdn.jsdelivr.net/npm/mermaid@<version>/dist/

To select a version, replace <version> with the desired version number.

Latest Version: https://cdn.jsdelivr.net/npm/mermaid@11 

Deploying Mermaid

To Deploy Mermaid:

  1. You will need to install node v16, which would have npm
  2. Install mermaid
    • NPM: npm i mermaid
    • Yarn: yarn add mermaid
    • Pnpm: pnpm add mermaid

Mermaid API

To deploy mermaid without a bundler, insert a script tag with an absolute address and a mermaid.initialize call into the HTML:

<script type="module">
  import mermaid from 'https://cdn.jsdelivr.net/npm/mermaid@11/dist/mermaid.esm.min.mjs';
  mermaid.initialize({ startOnLoad: true });
</script>

This commands the mermaid parser to look for the <div> or <pre> tags with class="mermaid". From these tags, mermaid tries to read the diagram/chart definitions and render them into SVG charts.

Security and Safe Diagrams

For public sites, it can be precarious to retrieve text from users on the internet, storing that content for presentation in a browser at a later stage. The reason is that the user content can contain embedded malicious scripts that will run when the data is presented.

For Mermaid this is a risk, specially as mermaid diagrams contain many characters that are used in html which makes the standard sanitation unusable as it also breaks the diagrams. We still make an effort to sanitize the incoming code and keep refining the process but it is hard to guarantee that there are no loop holes.

As an extra level of security for sites with external users we are happy to introduce a new security level in which the diagram is rendered in a sandboxed iframe preventing JavaScript in the code from being executed. This is a great step forward for better security.

Unfortunately you cannot have a cake and eat it at the same time which in this case means that some of the interactive functionality gets blocked along with the possible malicious code.

Reporting Vulnerabilities

To report a vulnerability, please e-mail security@mermaid.live with a description of the issue, the steps you took to create the issue, affected versions, and if known, mitigations for the issue.

Getting Started