Plantuml For Github Chrome extension icon

Plantuml For Github

👥 4K+ users
📦 v0.2.4
💾 1.96MiB
📅 2026-05-21
View on Chrome Web Store

Chrome will indicate if you already have this installed.

Overview

PlantUML for GitHub

A Chrome extension that renders "plantuml" code blocks directly on GitHub pages, using the TeaVM-compiled PlantUML engine that runs entirely client-side.

Hosted at https://github.com/plantuml/plantuml-for-github

No server. No tokens. No tracking. Zero permissions.

HOW IT WORKS

1. The extension's content script scans every GitHub page for "plantuml" code blocks.
2. Each block is replaced with a sandboxed "<iframe>" packaged inside the extension.
3. The iframe loads the TeaVM-compiled "plantuml.js" engine and renders the diagram to SVG.
4. The result is displayed inline in the page, inside a small wrapper with a header bar.
5. The header bar shows a toggle button (top-left of the wrapper) that switches between the rendered diagram and the original PlantUML source. The source view uses GitHub's own syntax highlighting, so it looks exactly as it would without the extension installed.

This is the same architecture GitHub already uses for Mermaid — proving that client-side PlantUML can be integrated natively with zero infrastructure cost.

SECURITY AND PERMISSIONS

Minimal Permissions: It requires no host permissions, storage, or tabs API. The only declared permission is clipboardWrite, which is strictly used to power the user-triggered "Copy as Bitmap" button, allowing the generated diagram to be copied directly to the clipboard.

One thing worth calling out is the extension's Content Security Policy. The
Manifest V3 default CSP for extension pages is essentially "script-src 'self'",
which blocks WebAssembly. We need to relax it slightly to enable WebAssembly.

Why? PlantUML renders sequence diagrams directly to SVG, but anything that
needs graph layout — class, component, deployment, state, use-case, and
activity diagrams — is laid out by the embedded Graphviz engine, which
ships as a WebAssembly module (viz-global.js). Instantiating that module
requires the 'wasm-unsafe-eval' CSP source.

'wasm-unsafe-eval' is a narrowly scoped directive: despite the scary name,
it ONLY allows WebAssembly compilation and instantiation. It does NOT
re-enable "eval()" or "new Function()" — those remain blocked. No remote
scripts can be loaded either; "script-src 'self'" still applies. Google
documents this directive as the supported way to ship WASM in MV3 extensions.

In short: the engine runs entirely inside a sandboxed iframe with an opaque
origin, with no network access and no shared state with the host page.

ROADMAP

- [x] MVP: detect and render plantuml blocks
- [x] Firefox support (Manifest V3 is now supported in Firefox)
- [x] "Copy as Bitmap" buttons
- [x] Theme matching (light/dark) — follows GitHub's color mode
- [x] Support puml and wsd language aliases
- [ ] Options page (toggle, performance settings)
- [x] Chrome Web Store publication

WHY THIS EXTENSIONS EXISTS

PlantUML support on GitHub has been requested for 4+ years: https://github.com/orgs/community/discussions/10111

The main blocker was performance and infrastructure cost. With the TeaVM-compiled engine, that blocker no longer exists.
This extension demonstrates that PlantUML can run natively on GitHub.com with zero server-side changes — using the exact same sandbox pattern GitHub uses for Mermaid.

If you'd like to see this integrated natively, please upvote the discussion: https://github.com/orgs/community/discussions/10111

PRIVACY

Zero permissions. Zero tracking. Zero network requests.
Everything runs locally in a sandboxed iframe.

LINKS

Source code: https://github.com/plantuml/plantuml-for-github
Discussion: https://github.com/orgs/community/discussions/10111

LICENSE: MIT

Tags

Productivity/developer developer productivity/developer

Privacy Practices

Not being sold to third parties, outside of the approved use cases
Not being used or transferred for purposes that are unrelated to the item's core functionality
Not being used or transferred to determine creditworthiness or for lending purposes

🔐 Security Analysis

This extension hasn't been security-scanned yet.

Capture a screenshot of your current page in entirety and reliably—without requesting any extra permissions!
Productivity/developer AI
브라우저에서 라온시큐어의 PC보안 기능을 사용하기 위한 확장 프로그램입니다.
Productivity/developer
Adds React debugging tools to the Chrome Developer Tools. Created from revision 3cde211b0c on 10/20/2025.
Productivity/developer