Deleting a specific npm package version in Nexus Repository 2

Visit for documentation on Nexus Repository version 2.

The official npm tool maintainers' viewpoint is that deleting npm packages from a registry is not a recommended operation. The npm deprecate command is preferred, however, only Nexus Repository 3 supports the deprecate command.

We realize there may be an occasional need to delete an npm package in Nexus Repository 2 and this article outlines a workaround for the missing deprecate support in that version.

Removing A Specific npm Package Version

Instructions for deleting a specific npm package version in Nexus Repository 2 starting at version 2.11.3. Earlier versions are not supported.

  1. Make a backup of the files in package storage. When deleting, it will be moved to the<npm-hosted-repo-id>/.nexus/trash directory, but always worth having an extra backup.


  2. Delete the npm package (this will delete all versions of that package) using the following call:

    curl -X DELETE -u xxx:yyy http://nexus:8081/nexus/content/repositories/<npm-hosted-repo-id>/<package-name>

  3. Copy/Move back the package from the trash. 

    cp -r sonatype-work/nexus/storage/<npm-hosted-repo-id>/.nexus/trash/<package-name> sonatype-work/nexus/storage/<npm-hosted-repo-id>/

  4. Remove the version you do not want to keep. 

    rm sonatype-work/nexus/storage/<npm-hosted-repo-id>/<npm-hosted-repo-id>/-/<npm-hosted-repo-id>-<version>.tgz

  5. Rebuild the npm database for repository <npm-hosted-repo-id> with the scheduled task named "Rebuild hosted npm Metadata".

  6. The following URL should now have correct metadata without the version that was deleted.


Removing All Versions of an npm Package

From Nexus Repository 2.11.3 onwards, you can remove all versions of a specific npm package with a single command. See the documentation for more details.



Have more questions? Submit a request


Article is closed for comments.