0a4f3e7dab
* New article title & reposition article * Update links * Remove "Deleting a container image" article * Reusable shuffle * Add GHES versioned article * more context * Revise main article * Reminder of permissions * Update some copy * Add "deleting a package" to TOC * Add versioning around links * Update restore package procedure * Update permissions statements * Fix GHES link * Apply suggestions from code review Co-authored-by: Martin Lopes <martin389@github.com> * Use "entire" language * GraphQL nuance * New intro + actions * Fix GHES link * Package deletion 2.0 follow up (#17855) * Remove GHES 3.1 versioning * 3.0 or less * Revert "Remove GHES 3.1 versioning" This reverts commit 9bbc0bd57c1c7ba23097f3f4b9a830c13941402c. * Revert "3.0 or less" This reverts commit dfd2f48e4a4da62c2594fbeaeb12eacda5afc6d4. * Revert "Revert "Remove GHES 3.1 versioning"" This reverts commit ef90065eb2883041b15bd2d50f97e4f07cf04768. * Ditch unnecessary package namespace references and rework permissions framing * Add placeholder note so PR tests will pass * Add versioning around package deletion mentions outside of main deletion articles * Add placeholder around link so it will go live * Add `audit_log` entries * Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Apply Shati's suggestion * Remove duplicate line Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Package deletion 2.0 last updates (#17880) * Update versioning and placeholder note * syntax improvement * Note the 25 downloads caveat * Add more headings * Apply suggestions from code review * Apply suggestions from code review * Apply suggestions from code review Co-authored-by: Sarah Edwards <skedwards88@github.com> * Apply suggestions from code review * Apply suggestions from code review * Packages REST API page (#17808) * Add draft of packages REST page * Add packages in TOC * Rewrite Packages API introductory info * Fix space * Rewrite conceptual API intro content * Revise this line * Apply suggestions from code review * Apply suggestions from code review * Apply suggestions from code review Co-authored-by: Mark Phelps <markphelps@github.com> * Add rewrite * Add de dereferenced files * Add the decorated files * ALL of the decorated files * Revert "ALL of the decorated files" This reverts commit 38f13dcd75078f2eacb53dfd0b31c79737966656. * Revert "Add the decorated files" This reverts commit b0c8a2096c8b19e62404585f97298ab42822d3e5. * Revert "Add de dereferenced files" This reverts commit abd377c8eb804e9c69dffa9b0c01ec64fb500727. * Commit the lib/rest/static files to preview changes on staging * Revert "Commit the lib/rest/static files to preview changes on staging" This reverts commit acb121ae9d8bd2e23b00ebb14848e7b83aeddf5b. Co-authored-by: Mark Phelps <markphelps@github.com> * Commit static files to preview endpoints on staging * Update references to API support * remove static rest api files * ditch "as a user" for now * Rearrange based on feedback * Last tidbits * Update OpenAPI Descriptions (#17893) * Update OpenAPI Descriptions * Add decorated OpenAPI schema files * link fix Co-authored-by: Martin Lopes <martin389@github.com> Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> Co-authored-by: Sarah Edwards <skedwards88@github.com> Co-authored-by: Mark Phelps <markphelps@github.com> Co-authored-by: github-openapi-bot <69533958+github-openapi-bot@users.noreply.github.com>
16 KiB
title, intro, product, redirect_from, versions
| title | intro | product | redirect_from | versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Deleting and restoring a package | Learn how to delete or restore a package. | {% data reusables.gated-features.packages %} |
|
|
{% data reusables.package_registry.packages-ghes-release-stage %}
Package deletion and restoration support on {% data variables.product.prodname_dotcom %}
On {% data variables.product.prodname_dotcom %} if you have the required access, you can delete:
- an entire private package
- an entire public package, if there's not more than 25 downloads of any version of the package
- a specific version of a private package
- a specific version of a public package, if the package version doesn't have more than 25 downloads
{% note %}
Note:
- You cannot delete a public package if any version of the package has more than 25 downloads. In this scenario, contact GitHub support for further assistance.
- When deleting public packages, be aware that you may break projects that depend on your package.
{% endnote %}
On {% data variables.product.prodname_dotcom %}, you can also restore an entire package or package version, if:
- You restore the package within 30 days of its deletion.
- The same package namespace is still available and not used for a new package.
Packages API support
{% if currentVersion == "free-pro-team@latest" %}
You can use the REST API to manage your packages. For more information, see the "{% data variables.product.prodname_registry %} API."
{% endif %}
For packages that inherit their permissions and access from repositories, you can use GraphQL to delete a specific package version.{% if currentVersion == "free-pro-team@latest" %} The {% data variables.product.prodname_registry %} GraphQL API does not support containers or Docker images that use the package namespace https://ghcr.io/OWNER/PACKAGE-NAME. For more information about GraphQL support, see "Deleting a version of a repository-scoped package with GraphQL."
{% data reusables.package_registry.container-registry-beta %}
{% endif %}
Required permissions to delete or restore a package
For packages that inherit their access permissions from repositories, you can delete a package if you have admin permissions to the repository.
Repository-scoped packages on {% data variables.product.prodname_registry %} include these packages:
- npm
- RubyGems
- maven
- Gradle
- NuGet
- Docker images at
docker.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME
{% if currentVersion == "free-pro-team@latest" %}
To delete a package that has granular permissions separate from a repository, such as containers or Docker images stored at https://ghcr.io/OWNER/PACKAGE-NAME, you must have admin access to the package.
{% data reusables.package_registry.container-registry-beta %}
{% endif %}
Automate package version deletion with {% data variables.product.prodname_actions %}
You can automate package version deletion using an official action created by {% data variables.product.company_short %}. This action is available in the actions repository or on {% data variables.product.prodname_marketplace %} and only works with repository-scoped packages. For more information, see the "Delete Package Versions" action on {% data variables.product.prodname_marketplace %} or in the actions repository.
Deleting a package version
Deleting a version of a repository-scoped package on {% data variables.product.prodname_dotcom %}
To delete a version of a repository-scoped package, you must have admin permissions to the repository that owns the package. For more information, see "Required permissions."
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.package_registry.packages-from-code-tab %}
{% data reusables.package_registry.package-settings-option %}
5. On the left, click Manage versions.
5. To the right of the version you want to delete, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select Delete version.
6. To confirm deletion, type the package name and click I understand the consequences, delete this version.
Deleting a version of a repository-scoped package with GraphQL
For packages that inherit their permissions and access from repositories, you can use the GraphQL to delete a specific package version.
{% if currentVersion == "free-pro-team@latest" %}
GraphQL is not supported for containers or Docker images at ghcr.io.
{% endif %}
Use the deletePackageVersion mutation in the GraphQL API. You must use a token with the read:packages, delete:packages, and repo scopes. For more information about tokens, see "About {% data variables.product.prodname_registry %}."
The following example demonstrates how to delete a package version, using a packageVersionId of MDIyOlJlZ2lzdHJ5UGFja2FnZVZlcnNpb243MTExNg.
curl -X POST \
-H "Accept: application/vnd.github.package-deletes-preview+json" \
-H "Authorization: bearer TOKEN" \
-d '{"query":"mutation { deletePackageVersion(input:{packageVersionId:\"MDIyOlJlZ2lzdHJ5UGFja2FnZVZlcnNpb243MTExNg==\"}) { success }}"}' \
HOSTNAME/graphql
To find all of the private packages you have published to {% data variables.product.prodname_registry %}, along with the version IDs for the packages, you can use the packages connection through the repository object. You will need a token with the read:packages and repo scopes. For more information, see the packages connection or the PackageOwner interface.
For more information about the deletePackageVersion mutation, see "deletePackageVersion."
You cannot directly delete an entire package using GraphQL, but if you delete every version of a package, the package will no longer show on {% data variables.product.product_name %}.
{% if currentVersion == "free-pro-team@latest" %}
Deleting a version of a user-scoped package on {% data variables.product.prodname_dotcom %}
To delete a specific version of a user-scoped package on {% data variables.product.prodname_dotcom %}, such as for a Docker image at ghcr.io, use these steps. To delete an entire package, see "Deleting an entire user-scoped package on {% data variables.product.prodname_dotcom %}."
{% data reusables.package_registry.container-registry-beta %}
To review who can delete a package version, see "Required permissions."
{% data reusables.package_registry.package-settings-from-user-level %}
{% data reusables.package_registry.package-settings-option %}
5. On the left, click Manage versions.
5. To the right of the version you want to delete, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select Delete version.
6. To confirm deletion, type the package name and click I understand the consequences, delete this version.
Deleting a version of an organization-scoped package on GitHub
To delete a specific version of an organization-scoped package on {% data variables.product.prodname_dotcom %}, such as for a Docker image at ghcr.io, use these steps.
To delete an entire package, see "Deleting an entire organization-scoped package on {% data variables.product.prodname_dotcom %}."
{% data reusables.package_registry.container-registry-beta %}
To review who can delete a package version, see "Required permissions."
{% data reusables.package_registry.package-settings-from-org-level %}
{% data reusables.package_registry.package-settings-option %}
5. On the left, click Manage versions.
5. To the right of the version you want to delete, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select Delete version.
6. To confirm deletion, type the package name and click I understand the consequences, delete this version.
{% endif %}
Deleting an entire package
Deleting an entire repository-scoped package on {% data variables.product.prodname_dotcom %}
To delete an entire repository-scoped package, you must have admin permissions to the repository that owns the package. For more information, see "Required permissions."
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.package_registry.packages-from-code-tab %}
{% data reusables.package_registry.package-settings-option %}
4. Under "Danger Zone", click Delete this package.
5. To confirm, review the confirmation message, enter your package name, and click I understand, delete this package.
{% if currentVersion == "free-pro-team@latest" %}
Deleting an entire user-scoped package on {% data variables.product.prodname_dotcom %}
To review who can delete a package, see "Required permissions."
{% data reusables.package_registry.package-settings-from-user-level %}
{% data reusables.package_registry.package-settings-option %}
5. On the left, click Options.
6. Under "Danger zone", click Delete this package.
6. To confirm deletion, type the package name and click I understand the consequences, delete this package.
Deleting an entire organization-scoped package on {% data variables.product.prodname_dotcom %}
To review who can delete a package, see "Required permissions."
{% data reusables.package_registry.package-settings-from-org-level %}
{% data reusables.package_registry.package-settings-option %}
5. On the left, click Options.
6. Under "Danger zone", click Delete this package.
6. To confirm deletion, type the package name and click I understand the consequences, delete this package.
{% endif %}
Restoring packages
You can restore a deleted package or version if:
- You restore the package within 30 days of its deletion.
- The same package namespace and version is still available and not reused for a new package.
For example, if you have a deleted rubygem package named octo-package that was scoped to the repo octo-repo-owner/octo-repo, then you can only restore the package if the package namespace rubygem.pkg.github.com/octo-repo-owner/octo-repo/octo-package is still available, and 30 days have not yet passed.
You must also meet one of these permission requirements:
- For repository-scoped packages: You have admin permissions to the repository that owns the deleted package.
- For user-account scoped packages: Your user account owns the deleted package.
- For organization-scoped packages: You have admin permissions to the deleted package in the organization that owns the package.
For more information, see "Required permissions."
Once the package is restored, the package will use the same namespace it did before. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first.
Restoring a package in an organization
You can restore a deleted package through your organization account settings, as long as the package was in one of your repositories or had granular permissions and was scoped to your organization account.
To review who can restore a package in an organization, see "Required permissions."
{% data reusables.organizations.navigate-to-org %}
{% data reusables.organizations.org_settings %}
3. On the left, click Packages.
4. Under "Deleted Packages", next to the package you want to restore, click Restore.
5. To confirm, type the name of the package and click I understand the consequences, restore this package.
Restoring a user-account scoped package
You can restore a deleted package through your user account settings, if the package was in one of your repositories or scoped to your user account. For more information, see "Required permissions."
{% data reusables.user_settings.access_settings %}
2. On the left, click Packages.
4. Under "Deleted Packages", next to the package you want to restore, click Restore.
5. To confirm, type the name of the package and click I understand the consequences, restore this package.
Restoring a package version
You can restore a package version from your package's landing page. To review who can restore a package, see "Required permissions."
- Navigate to your package's landing page.
- On the right, click Package settings.
- On the left, click Manage versions.
- On the top right, use the "Versions" drop-down menu and select Deleted.
- Next to the deleted package version you want to restore, click Restore.
- To confirm, click I understand the consequences, restore this version.
