Patch Changes

• #6886 e0b45c2 Thanks @darshanr0107! - fix: Handle arrows correctly when auto number is enabled

Patch Changes

• #6886 e0b45c2 Thanks @darshanr0107! - fix: Handle arrows correctly when auto number is enabled

This release backports the fix for GHSA-7rqq-prvp-x9jh from v11.10.0, preventing a potential XSS attack in labels in sequence diagrams.

See: 9d68517 (on main branch)
See: 7509b06 (backported commit)

Full Changelog: v10.9.3...v10.9.4

Minor Changes

• #6744 daf8d8d Thanks @SpecularAura! - feat: Added support for per link curve styling in flowchart diagram using edge ids

Patch Changes

• #6857 b9ef683 Thanks @knsv! - feat: Exposing elk configuration forceNodeModelOrder and considerModelOrder to the mermaid configuration

• #6653 2c0931d Thanks @darshanr0107! - chore: Remove the "-beta" suffix from the XYChart, Block, Sankey diagrams to reflect their stable status

• #6683 33e08da Thanks @darshanr0107! - fix: Position the edge label in state diagram correctly relative to the edge

• #6693 814b68b Thanks @darshanr0107! - fix: Apply correct dateFormat in Gantt chart to show only day when specified

• #6734 fce7cab Thanks @darshanr0107! - fix: handle exclude dates properly in Gantt charts when using dateFormat: 'YYYY-MM-DD HH:mm:ss'

• #6733 fc07f0d Thanks @omkarht! - fix: fixed connection gaps in flowchart for roundedRect, stadium and diamond shape

• #6876 12e01bd Thanks @sidharthv96! - fix: sanitize icon labels and icon SVGs

  Resolves CVE-2025-54880 reported by @fourcube

• #6801 01aaef3 Thanks @sidharthv96! - fix: Update casing of ID in requirement diagram

• #6796 c36cd05 Thanks @HashanCP! - fix: Make flowchart elk detector regex match less greedy

• #6702 8bb29fc Thanks @qraqras! - fix(block): overflowing blocks no longer affect later lines

  This may change the layout of block diagrams that have overflowing lines
  (i.e. block diagrams that use up more columns that the columns specifier).

• #6717 71b04f9 Thanks @darshanr0107! - fix: log warning for blocks exceeding column width

  This update adds a validation check that logs a warning message when a block's width exceeds the defined column layout.

• #6820 c99bce6 Thanks @kriss-u! - fix: Add escaped class literal name on namespace

• #6332 6cc1926 Thanks @ajuckel! - fix: Allow equals sign in sequenceDiagram labels

• #6651 9da6fb3 Thanks @darshanr0107! - Add validation for negative values in pie charts:

  Prevents crashes during parsing by validating values post-parsing.

  Provides clearer, user-friendly error messages for invalid negative inputs.

• #6803 e48b0ba Thanks @omkarht! - chore: migrate to class-based ArchitectureDB implementation

• #6838 4d62d59 Thanks @saurabhg772244! - fix: node border style for handdrawn shapes

• #6739 e9ce8cf Thanks @kriss-u! - fix: Update flowchart direction TD's behavior to be the same as TB

• #6833 9258b29 Thanks @darshanr0107! - fix: correctly render non-directional lines for '---' in block diagrams

• #6855 da90f67 Thanks @sidharthv96! - fix: fallback to raw text instead of rendering Unsupported markdown or empty blocks

  Instead of printing Unsupported markdown: XXX, or empty blocks when using a markdown feature
  that Mermaid does not yet support when htmlLabels: true(default) or htmlLabels: false,
  fallback to the raw markdown text.

• #6876 0133f1c Thanks @sidharthv96! - fix: sanitize KATEX blocks

  Resolves CVE-2025-54881 reported by @fourcube

• #6804 895f9d4 Thanks @omkarht! - chore: Update packet diagram to use new class-based database structure

Minor Changes

• #6744 daf8d8d Thanks @SpecularAura! - feat: Added support for per link curve styling in flowchart diagram using edge ids

Patch Changes

• #6857 b9ef683 Thanks @knsv! - feat: Exposing elk configuration forceNodeModelOrder and considerModelOrder to the mermaid configuration

• #6653 2c0931d Thanks @darshanr0107! - chore: Remove the "-beta" suffix from the XYChart, Block, Sankey diagrams to reflect their stable status

• #6683 33e08da Thanks @darshanr0107! - fix: Position the edge label in state diagram correctly relative to the edge

• #6693 814b68b Thanks @darshanr0107! - fix: Apply correct dateFormat in Gantt chart to show only day when specified

• #6734 fce7cab Thanks @darshanr0107! - fix: handle exclude dates properly in Gantt charts when using dateFormat: 'YYYY-MM-DD HH:mm:ss'

• #6733 fc07f0d Thanks @omkarht! - fix: fixed connection gaps in flowchart for roundedRect, stadium and diamond shape

• #6876 12e01bd Thanks @sidharthv96! - fix: sanitize icon labels and icon SVGs

  Resolves CVE-2025-54880 reported by @fourcube

• #6801 01aaef3 Thanks @sidharthv96! - fix: Update casing of ID in requirement diagram

• #6796 c36cd05 Thanks @HashanCP! - fix: Make flowchart elk detector regex match less greedy

• #6702 8bb29fc Thanks @qraqras! - fix(block): overflowing blocks no longer affect later lines

  This may change the layout of block diagrams that have overflowing lines
  (i.e. block diagrams that use up more columns that the columns specifier).

• #6717 71b04f9 Thanks @darshanr0107! - fix: log warning for blocks exceeding column width

  This update adds a validation check that logs a warning message when a block's width exceeds the defined column layout.

• #6820 c99bce6 Thanks @kriss-u! - fix: Add escaped class literal name on namespace

• #6332 6cc1926 Thanks @ajuckel! - fix: Allow equals sign in sequenceDiagram labels

• #6651 9da6fb3 Thanks @darshanr0107! - Add validation for negative values in pie charts:

  Prevents crashes during parsing by validating values post-parsing.

  Provides clearer, user-friendly error messages for invalid negative inputs.

• #6803 e48b0ba Thanks @omkarht! - chore: migrate to class-based ArchitectureDB implementation

• #6838 4d62d59 Thanks @saurabhg772244! - fix: node border style for handdrawn shapes

• #6739 e9ce8cf Thanks @kriss-u! - fix: Update flowchart direction TD's behavior to be the same as TB

• #6833 9258b29 Thanks @darshanr0107! - fix: correctly render non-directional lines for '---' in block diagrams

• #6855 da90f67 Thanks @sidharthv96! - fix: fallback to raw text instead of rendering Unsupported markdown or empty blocks

  Instead of printing Unsupported markdown: XXX, or empty blocks when using a markdown feature
  that Mermaid does not yet support when htmlLabels: true(default) or htmlLabels: false,
  fallback to the raw markdown text.

• #6876 0133f1c Thanks @sidharthv96! - fix: sanitize KATEX blocks

  Resolves CVE-2025-54881 reported by @fourcube

• #6804 895f9d4 Thanks @omkarht! - chore: Update packet diagram to use new class-based database structure

Patch Changes

• #6798 3ffe961 Thanks @MrCoder! - Fixed a critical bug that the ZenUML diagram is not rendered.

• Updated dependencies [b9ef683, 2c0931d, 33e08da, 814b68b, fce7cab, fc07f0d, 12e01bd, 01aaef3, daf8d8d, c36cd05, 8bb29fc, 71b04f9, c99bce6, 6cc1926, 9da6fb3, e48b0ba, 4d62d59, e9ce8cf, 9258b29, da90f67, 0133f1c, 895f9d4]:

  • mermaid@11.10.0

Patch Changes

• #6857 b9ef683 Thanks @knsv! - feat: Exposing elk configuration forceNodeModelOrder and considerModelOrder to the mermaid configuration

• #6849 2260948 Thanks @anderium! - Make elk not force node model order, but strongly consider it instead

• Updated dependencies [b9ef683, 2c0931d, 33e08da, 814b68b, fce7cab, fc07f0d, 12e01bd, 01aaef3, daf8d8d, c36cd05, 8bb29fc, 71b04f9, c99bce6, 6cc1926, 9da6fb3, e48b0ba, 4d62d59, e9ce8cf, 9258b29, da90f67, 0133f1c, 895f9d4]:

  • mermaid@11.10.0

Minor Changes

• #6453 5acbd7e Thanks @sidharthv96! - feat: Add getRegisteredDiagramsMetadata to mermaid, which returns all the registered diagram IDs in mermaid

Patch Changes

• #6738 d90634b Thanks @shubham-mermaid! - chore: Updated TreeMapDB to use class based approach

• #6510 7a38eb7 Thanks @sidharthv96! - chore: Move packet diagram out of beta

• #6747 3e3ae08 Thanks @darshanr0107! - fix: adjust sequence diagram title positioning to prevent overlap with top border in Safari

• #6751 d3e2be3 Thanks @darshanr0107! - chore: Update MindmapDB to use class based approach

• #6715 637680d Thanks @Syn3ugar! - fix(timeline): fix loading leftMargin from config

  The timeline.leftMargin config value should now correctly control the size of the left margin, instead of being ignored.

• Updated dependencies [7a38eb7]:

  • @mermaid-js/parser@0.6.2

Patch Changes

• Updated dependencies [0da2922]:
  • @mermaid-js/parser@0.6.1

Patch Changes

• Updated dependencies [0da2922]:
  • @mermaid-js/parser@0.6.1