Removing an accidentally pushed gem
Here are the steps you should follow when you have accidentally pushed a gem with passwords or other private content.
Yank the gem using
gem yankwhich will prevent installs using
gem install. The gem will NOT be downloadable using the download link on rubygems.org.
If the gem contained passwords, or private keys immediately change them. Due to webhooks on rubygems.org your gem has already been downloaded by third parties.
allowed_push_hostmetadata to your gemspec so future gems cannot be pushed to rubygems.org by mistake.