Skip to content

symbolix/ycmd

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits

clang_includes

clang_includes

 
 

cpp

cpp

 
 

third_party

third_party

 
 

ycmd

ycmd

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

.travis.yml

.travis.yml

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

COPYING.txt

COPYING.txt

 
 

README.md

README.md

 
 

build.sh

build.sh

 
 

run_tests.sh

run_tests.sh

 
 

style_format.sh

style_format.sh

 
 

test_requirements.txt

test_requirements.txt

 
 

update_boost.sh

update_boost.sh

 
 

Repository files navigation

ycmd: a code-completion & comprehension server

Build Status

ycmd is a server that provides APIs for code-completion and other code-comprehension use-cases like semantic GoTo commands (and others). For certain filetypes, ycmd can also provide diagnostic errors and warnings.

ycmd was originally part of YouCompleteMe's codebase, but has been split out into a separate project so that it can be used in editors other than Vim.

The best way to learn how to interact with ycmd is by reading through the example_client.py file [NOTE: Which I haven't yet written].

API notes

  • All strings going into and out of the server are UTF-8 encoded.
  • All line and column numbers are 1-based, not 0-based.
  • All requests to the server must include an HMAC in the x-ycm-hmac HTTP header. The HMAC is computed from the shared secret passed to the server on startup and the request/response body. The digest algorithm is SHA-256. The server will also include the HMAC in its responses; you must verify it before using the response. See example_client.py [NOTE: Which I haven't yet written] to see how it's done.

Backwards compatibility

ycmd's HTTP+JSON interface follows SemVer. While ycmd has seen extensive use over the last several months as part of YCM, the version number is below 1.0 because some parts of the API might change slightly as people discover possible problems integrating ycmd with other editors. In other words, the current API might unintentionally be Vim-specific. We don't want that.

Note that ycmd's internal API's (i.e. anything other than HTTP+JSON) are NOT covered by SemVer and will randomly change underneath you. DON'T interact with the Python/C++/etc code directly!

FAQ

Is HMAC auth for requests/responses really necessary?

Without the HMAC auth, it's possible for a malicious website to impersonate the user. Don't forget that evil.com can send requests to servers listening on localhost if the user visits evil.com in a browser.

This is not a theoretical concern; a working proof-of-concept remote code execution exploit was created for ycmd running on localhost. The HMAC auth was added to block this attack vector.

Contact

If you have questions about the plugin or need help, please use the ycmd-users mailing list.

The author's homepage is http://val.markovic.io.

Project Management

This open-source project is run by me, Strahinja Val Markovic. I also happen to work for Google and the code I write here is under Google copyright (for the sake of simplicity and other reasons). This does NOT mean that this is an official Google product (it isn't) or that Google has (or wants to have) anything to do with it.

License

This software is licensed under the [GPL v3 license][gpl]. © 2014 Google Inc.

About

A code-completion & code-comprehension server

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published