A code-completion & code-comprehension server
C++ C Python CMake Shell M4 Other
Latest commit 5a7e7e7 Feb 26, 2017 @homu homu Auto merge of #711 - micbou:debian-based-distributions-nodejs, r=vall…

[READY] Fix finding node on Debian-based distributions

On Debian-based distributions, `node` is installed by default as `nodejs`. See issue Valloric/YouCompleteMe#2532. We fix that by looking for `nodejs` before `node`. We also need to change how we start the `tsserver` script because it contains the line `#!/usr/bin/env node` at the top.

<!-- Reviewable:start -->
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/valloric/ycmd/711)
<!-- Reviewable:end -->
Failed to load latest commit information.
ci Use rustup to install Rust and Cargo on CI services Feb 2, 2017
clang_includes/include Bump Clang version to 3.9.0 Sep 5, 2016
cpp Remove GetCandidatesForStrings taking CompletionData Feb 19, 2017
examples Handle POST request without body in example client Sep 8, 2016
third_party Ternjs version updated to package.json Feb 20, 2017
ycmd Auto merge of #711 - micbou:debian-based-distributions-nodejs, r=vall… Feb 25, 2017
.coveragerc Enable Python subprocesses coverage Jul 22, 2016
.gitignore Support coverage testing of c++ code Nov 6, 2016
.gitmodules Ignoring dirty repo state for godef submodule Feb 8, 2016
.travis.yml Use rustup to install Rust and Cargo on CI services Feb 2, 2017
CODE_OF_CONDUCT.md Adding an explicit Contributor Code of Conduct Jan 26, 2016
CONTRIBUTING.md Tests for ToUnicode and ToBytes + bugfixes Feb 12, 2016
COPYING.txt Adding the license file May 17, 2014
CORE_VERSION core_version bump and tabs to spaces Feb 6, 2017
DEV_SETUP.md Fix strange characters in DEV_SETUP.md Jun 19, 2016
README.md Add Geany and GNU nano clients to readme Feb 8, 2017
TESTS.md Use codecov bash uploader Nov 17, 2016
Vagrantfile Unbreak vagrant config for non-parallels May 29, 2016
appveyor.yml Drop MSVC 11 to pass appveyor ci Feb 4, 2017
build.py Fix finding node on Debian-based distributions Feb 22, 2017
codecov.yml Support coverage testing of c++ code Nov 6, 2016
run_tests.py Support coverage testing of c++ code Nov 6, 2016
style_format.sh Removing ycm_client_support Feb 23, 2016
test_requirements.txt Exclude psutil 5.0.1 from test requirements Jan 22, 2017
tox.ini Update flake8 config Mar 6, 2016
update_boost.py Bump Boost version to 1.63.0 Dec 29, 2016
vagrant_bootstrap.sh Build Python as a shared library on Vagrant May 22, 2016


ycmd: a code-completion & comprehension server

Build Status Build status Coverage Status

ycmd is a server that provides APIs for code-completion and other code-comprehension use-cases like semantic GoTo commands (and others). For certain filetypes, ycmd can also provide diagnostic errors and warnings.

ycmd was originally part of YouCompleteMe's codebase, but has been split out into a separate project so that it can be used in editors other than Vim.

The best way to learn how to interact with ycmd is by reading through (and running) the example_client.py file. See the README for the examples folder for details on how to run the example client.

Known ycmd clients:

Feel free to send a pull request adding a link to your client here if you've built one.


If you're looking to develop ycmd, see the instructions for setting up a dev environment and for running the tests.

This is all for Ubuntu Linux. Details on getting ycmd running on other OS's can be found in YCM's instructions (ignore the Vim-specific parts). Note that ycmd runs on Python 2.6, 2.7 and 3.3+.

First, install the dependencies:

sudo apt-get install build-essential cmake python-dev

When you first clone the repository you'll need to update the submodules:

git submodule update --init --recursive

Then run ./build.py --all. This should get you going.

For more detailed instructions on building ycmd, see YCM's instructions (ignore the Vim-specific parts).

API notes

  • All strings going into and out of the server are UTF-8 encoded.
  • All line and column numbers are 1-based, not 0-based. They are also byte offsets, not Unicode codepoint offsets.
  • All file paths are full, absolute paths.
  • All requests to the server must include an HMAC in the x-ycm-hmac HTTP header. The HMAC is computed from the shared secret passed to the server on startup and the request/response body. The digest algorithm is SHA-256. The server will also include the HMAC in its responses; you must verify it before using the response. See example_client.py to see how it's done.

How ycmd works

There are several completion engines in ycmd. The most basic one is an identifier-based completer that collects all of the identifiers in the file provided in the completion request, other files of the same filetype that were provided previously and any tags files produced by ctags. This engine is non-semantic.

There are also several semantic engines in YCM. There's a libclang-based completer that provides semantic completion for C-family languages. There's also a Jedi-based completer for semantic completion for Python, an OmniSharp-based completer for C#, a Gocode-based completer for Go (using Godef for jumping to definitions), and a TSServer-based completer for TypeScript. More will be added with time.

There are also other completion engines, like the filepath completer (part of the identifier completer).

The server will automatically detect which completion engine would be the best in any situation. On occasion, it queries several of them at once, merges the outputs and presents the results.

Semantic engines are triggered only after semantic "triggers" are inserted in the code. If the request received shows that the user's cursor is after the last character in string foo; foo. in a C# file, this would trigger the semantic engine to examine members of foo because . is a default semantic trigger for C# (triggers can be changed dynamically). If the text were string foo; foo.zoo, semantic completion would still be triggered (the trigger is behind the zoo word the user is typing) and the results would be filtered with the zoo query.

Semantic completion can also be forced by setting force_semantic: true in the JSON data for the completion request, but you should only do this if the user explicitly requested semantic completion with a keyboard shortcut; otherwise, leave it up to ycmd to decide when to use which engine.

The reason why semantic completion isn't always used even when available is because the semantic engines can be slow and because most of the time, the user doesn't actually need semantic completion.

There are two main use-cases for code-completion:

  1. The user knows which name they're looking for, they just don't want to type the whole name.
  2. The user either doesn't know the name they need or isn't sure what the name is. This is also known as the "API exploration" use-case.

The first use case is the most common one and is trivially addressed with the identifier completion engine (which BTW is blazing fast). The second one needs semantic completion.

Completion string filtering

A critical thing to note is that the completion filtering is NOT based on the input being a string prefix of the completion (but that works too). The input needs to be a subsequence match of a completion. This is a fancy way of saying that any input characters need to be present in a completion string in the order in which they appear in the input. So abc is a subsequence of xaybgc, but not of xbyxaxxc.

Completion string ranking

The subsequence filter removes any completions that do not match the input, but then the sorting system kicks in. It's a bit involved, but roughly speaking "word boundary" (WB) subsequence character matches are "worth" more than non-WB matches. In effect, this means given an input of "gua", the completion "getUserAccount" would be ranked higher in the list than the "Fooguxa" completion (both of which are subsequence matches). A word-boundary character are all capital characters, characters preceded by an underscore and the first letter character in the completion string.

Auto-shutdown if no requests for a while

If the server hasn't received any requests for a while (controlled by the --idle_suicide_seconds ycmd flag), it will shut itself down. This is useful for cases where the process that started ycmd dies without telling ycmd to die too or if ycmd hangs (this should be extremely rare).

If you're implementing a client for ycmd, ensure that you have some sort of keep-alive background thread that periodically pings ycmd (just call the /healthy handler, although any handler will do).

You can also turn this off by passing --idle_suicide_seconds=0, although that isn't recommended.

Exit codes

During startup, ycmd attempts to load the ycm_core library and exits with one of the following return codes if unsuccessful:

  • 3: unexpected error while loading the library;
  • 4: the ycm_core library is missing;
  • 5: the ycm_core library is compiled for Python 3 but loaded in Python 2;
  • 6: the ycm_core library is compiled for Python 2 but loaded in Python 3;
  • 7: the version of the ycm_core library is outdated.

User-level customization

You can provide settings to ycmd on server startup. There's a default_settings.json file that you can tweak. See the Options section in YCM's User Guide for a description on what each option does. Pass the path to the modified settings file to ycmd as an --options_file=/path/to/file flag. Note that you must set the hmac_secret setting (encode the value with base64). Because the file you are passing contains a secret token, ensure that you are creating the temporary file in a secure way (the mkstemp() Linux system call is a good idea; use something similar for other OS's).

After it starts up, ycmd will delete the settings file you provided after it reads it.

The settings file is something your editor should produce based on values your user has configured. There's also an extra file (.ycm_extra_conf.py) your user is supposed to provide to configure certain semantic completers. More information on it can also be found in the corresponding section of YCM's User Guide.

.ycm_extra_conf.py specification

The .ycm_extra_conf.py module must define the following methods:

FlagsForFile( filename, **kwargs )

Required for c-family language support.

This method is called by the c-family completer to get the compiler flags to use when compiling the file with absolute path filename. The following additional arguments are optionally supplied depending on user configuration:

The return value must be one of the following:

  • None meaning no flags are known for this file, or

  • a dictionary containing the following items:

    • flags: (mandatory) a list of compiler flags.

    • do_cache: (optional) a boolean indicating whether or not the result of this call (i.e. the list of flags) should be cached for this file name. Defaults to True. If unsure, the default is almost always correct.

    • flags_ready: (optional) a boolean indicating that the flags should be used. Defaults to True. If unsure, the default is almost always correct.

A minimal example which simply returns a list of flags is:

def FlagsForFile( filename, **kwargs ):
  return {
    'flags': [ '-x', 'c++' ]

Global extra conf file specification

The global extra module must expose the same functions as the .ycm_extra_conf.py module with the following additions:



This method, if defined, is called by the server prior to importing the c++ python plugin. It is not usually required and its use is for advanced users only.



Called prior to the server exiting cleanly. It is not usually required and its use is for advanced users only.

Backwards compatibility

ycmd's HTTP+JSON interface follows SemVer. While ycmd has seen extensive use over the last several years as part of YCM, the version number is below 1.0 because some parts of the API might change slightly as people discover possible problems integrating ycmd with other editors. In other words, the current API might unintentionally be Vim-specific. We don't want that.

Note that ycmd's internal API's (i.e. anything other than HTTP+JSON) are NOT covered by SemVer and will randomly change underneath you. DON'T interact with the Python/C++/etc code directly!


Is HMAC auth for requests/responses really necessary?

Without the HMAC auth, it's possible for a malicious website to impersonate the user. Don't forget that evil.com can send requests to servers listening on localhost if the user visits evil.com in a browser.

This is not merely a theoretical concern; a working proof-of-concept remote code execution exploit was created for ycmd running on localhost. The HMAC auth was added to block this attack vector.

Contributor Code of Conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.


If you have questions about the plugin or need help, please use the ycmd-users mailing list.

The author's homepage is http://val.markovic.io.


This software is licensed under the GPL v3 license. © 2015 ycmd contributors