Removing a published RubyGem

Published a gem before it was ready to released? Published a gem with the wrong name? Look here for help.

Screencast

Tutorial

You can now use the gem yank command to remove versions from RubyGems.org's index. In order to get this you'll need RubyGems 1.3.6+ and gemcutter 0.5.0+. Use the following commands if you're out of date:

gem update --system
gem install gemcutter

Running gem yank will remove your gem from being available with gem install and the other gem commands. We keep the gem available for download still for two main reasons:

1) Other gems may have been pushed that depend on your gem.
2) A mass deletion of important community based gems can be easily prevented.

If you need the gem permanently removed, just start a new dicussion here on help.rubygems.org, and we'll take care of it for you. PLEASE ONLY DO THIS IF THERE IS AN URGENT PROBLEM WITH THE GEM. (Passwords, malicious code, etc). Our webhooks system means that several hundred services get pinged when new gems are pushed, so it's prudent to immediately reset any passwords/sensitive data you accidentally pushed instead of waiting for us to delete a gem. Please read the FAQ below before submitting an issue to remove a gem.

FAQ

Why can't I repush a gem version?

This causes several problems to start happening:

  • Mirrors that comb the site (with gem mirror) would be out of sync.
  • Clients can't verify the contents of gems (via MD5 or something similar) so they could download different versions, expecting the same code.
  • You're not going to run out of gem versions, just push a new one.

I just renamed my gem. Can you delete the old one?

Once you've yanked all versions of a gem, anyone can push onto that same gem namespace and effectively take it over. This way, we kind of automate the process of taking over old gem namespaces. Having the old gem stick around doesn't cost the service too much (a few KB on S3 doesn't hurt our wallet too much).

No one needs that gem, or is going to ever download it...why can't I just delete it?

Our policy is to only perma-delete gems that really need it, such as gems that may contain passwords, malicious/harmful code, etc. Yanking a gem effectively removes it from being found and will do the trick in 99% percent of situations.

I don't want to be using up the namespace

Once you've yanked all versions of a gem the namespace is free for others to use. If you accidentally pushed the wrong name once yank it and it'll be free for others to use.

Recent Discussions

29 Aug, 2014 06:23 PM
28 Aug, 2014 07:18 PM
27 Aug, 2014 12:03 PM
26 Aug, 2014 07:09 PM
26 Aug, 2014 07:07 PM