Search code examples
github-package-registry

How to delete/remove/unlink/unversion a package from the Github Package Registry


Question: How can I make a package "disappear" from Github Package Registry?

  • Documentation says: You cannot "delete" but a package "disappears" when all versions are removed.

Background:

  • A typo in the Gradle publish task resulted in the release of packages which should not be published.

Steps so far:

  • I did not find a "delete" option on the Github Web App.
  • I tried to delete via the GraphQL API of Github but I need a package ID for this command:
curl -X POST \
-H "Accept: application/vnd.github.package-deletes-preview+json" \
-H "Authorization: bearer ACCESS_TOKEN" \
-d '{"query":"mutation { deletePackageVersion(input:{packageVersionId:\"PACKAGE_ID==\"}) { success }}"}' \
https://api.github.com/graphql
  • I did not find the full packageVersionId on the Github Web App.
  • I tried to query the API for the Package IDs but failed to form a valid query:
curl -X POST \
-H "Accept: application/vnd.github.package-deletes-preview+json" \
-H "Authorization: bearer ACCESS_TOKEN" \
-d "query {
  organization(login: "ORGANIZATION_ACCOUNT") {
    registryPackages {
      edges {
        node {
          name
          id
        }
      }
    }
  }
}" \
https://api.github.com/graphql

# The API returns:
{
  "message": "Problems parsing JSON",
  "documentation_url": "https://developer.github.com/v4"
}
  • I tried to use the GraphQL API Explorer but I the automatically set up token misses the sufficient rights:
# See query above - the API returns via the Explorer:
{
  "errors": [
    {
      "type": "INSUFFICIENT_SCOPES",
      "locations": [
        {
          "line": 6,
          "column": 11
        }
      ],
      "message": "Your token has not been granted the required scopes to execute this query. The 'name' field requires one of the following scopes: ['read:packages'], but your token has only been granted the: ['read:gpg_key', 'read:org', 'read:public_key', 'read:repo_hook', 'repo', 'user'] scopes. Please modify your token's scopes at: https://github.com/settings/tokens."
    },
    {
      "type": "INSUFFICIENT_SCOPES",
      "locations": [
        {
          "line": 7,
          "column": 11
        }
      ],
      "message": "Your token has not been granted the required scopes to execute this query. The 'id' field requires one of the following scopes: ['read:packages'], but your token has only been granted the: ['read:gpg_key', 'read:org', 'read:public_key', 'read:repo_hook', 'repo', 'user'] scopes. Please modify your token's scopes at: https://github.com/settings/tokens."
    }
  ]
}
  • I did not find an option on the Explorer Web App to set another access token.

Desired Solution

  • I like to know if there is a simpler way to do this and if not, how to get the packageVersionIds required to un-link the packages so that they disappear.

Update1: It's about packages published to a public repository.


Solution

  • Removing a package from a public registry is not allowed, however you can remove a version of a package from a private registry as mentioned in GitHub docs:

    Now it is available to delete on GitHub directly:

    1. On GitHub, navigate to the main page of the repository.
    2. To the right of the list of files, click Packages.
    3. Click the name of the package that you want to delete.
    4. On the right, use the Edit package drop-down and select "Manage versions".
    5. To the right of the version you want to delete, click Delete.
    6. To confirm deletion, type the package name and click I understand the consequences, delete this version.

    GraphQL was the only method for this purpose in the past:

    $ curl -X POST https://api.github.com/graphql \
    -H "Accept: application/vnd.github.package-deletes-preview+json" \
    -H "Authorization: bearer <github_token>" \
    -d '{"query":"mutation { deletePackageVersion(input:{packageVersionId:\"MDE0OlBhY2thZ2VWZXJzaW9uMzc5MTE0kFcA\"}) { success }}"}'
    

    Version id of GitHub packages can be listed as follows:

    $ curl -sL -X POST https://api.github.com/graphql \
    -H "Authorization: bearer <github_token>" \
    -d '{"query":"query{repository(owner:\"<repo_owner>\",name:\"<repo_name>\"){packages(first:10){nodes{packageType,name,id,versions(first:10){nodes{id,version,readme}}}}}}"}' | jq .
    

    Update the parameters below with yours:

    • <github_token>
    • <repo_owner>
    • <repo_name>

    It returns as follows:

    {
      "data": {
        "repository": {
          "registryPackages": {
            "nodes": [
              {
                "packageType": "DOCKER",
                "registryPackageType": "docker",
                "name": "demo_image_1",
                "nameWithOwner": "aki***/demo_image_1",
                "id": "MDc6UGFja2FnZTYzNjg3AkFc",
                "versions": {
                  "nodes": [
                    {
                      "id": "MDE0OlBhY2thZ2VWZXJzaW9uMzc5MTE0kFcA",
                      "version": "0.1a",
                      "readme": null
                    },
                    {
                      "id": "MDE0OlBhY2thZ2VWZXJzaW9uMzYzNTY2FcAk",
                      "version": "0.1",
                      "readme": null
                    },
                    {
                      "id": "MDE0OlBhY2thZ2VWZXJzaW9uMzYzNTY0cAkF",
                      "version": "docker-base-layer",
                      "readme": null
                    }
                  ]
                }
              },
            ]
          }
        }
      }