Gem file size limits

Nick Quaranto nick at
Tue Jan 17 19:21:08 EST 2012

For those willing to do more data analysis, here's everything we have on S3
right now with file sizes.

On Tue, Jan 17, 2012 at 6:10 PM, Evan Phoenix <evan at> wrote:

> I believe that needs to limit the max size of a .gem file
> which will be allowed.
> This serves two purposes:
> 1) It protects users from themselves. The top 19 of 20 gems sorted by size
> are all huge because they accidentally packaged all previous versions
> within themselves. This issue needs to be fixed on the gem build side also,
> but there is no reason to allow these gems.
> 2) Cost. is becoming increasingly expensive to run and thus
> we need to begin thinking of ways to keep it mean and lean.
> I think we can all agree that some kind of limit makes sense. At the
> moment, there is nothing from preventing a user from using rubygems.orgas their personal backup and pushing terabytes in a .gem file. Clearly we
> can't operate if people do that.
> So the natural question I have for all of you is: what makes sense as the
> size limit? To help you with this decision, here is some data for you to
> chew on:
> 1) The top 1000 gems, sorted by size:
> 2) A histogram of gem sizes by megabyte:
> You can see from the histogram that 96% of gems are less than one
> megabyte, and 98% are 3 megs or less. It seems like that fact should inform
> our decision.
> To start the decision, let me throw out a starting point: 10 megs.
> Looking at the biggest non-accidental gems, they're almost all jruby
> related and contain huge .jar files. We've pinged others about removing the
> impediment to pushing gems with maven deps and thusly devs would use that
> functionality rather than packaging the jars within the gems themselves.
> Comments and Criticisms Required.
>  - Evan
> --
> Evan Phoenix // evan at
> _______________________________________________
> RubyGems-Developers mailing list
> RubyGems-Developers at

More information about the RubyGems-Developers mailing list