# RubyGems MCP

> RubyGems MCP Server lets your AI agent manage the Ruby ecosystem directly. Search for gems using `search_gems`, check a gem's full version history with `get_gem_versions`, and track download statistics instantly via `get_gem_downloads`. It also handles ownership records—add, remove, or update who owns a package—making it critical for dependency management and security auditing.

## Overview
- **Category:** developer-tools
- **Price:** Free
- **Tags:** ruby, package-manager, gem-management, software-distribution, rubygems-api

## Description

Yo, check this out. This server lets your AI agent handle the whole Ruby ecosystem, straight up from the command line into natural conversation. You're not dealing with some clumsy API playground; you're managing gem metadata, ownership records, and download stats for the world’s largest package registry.

**Gem Discovery & Metadata Retrieval**

You can search active gems using `search_gems`; it returns results paginated at 30 per page based on a query string. Need basic info on one specific gem? Use `get_gem`. For a quick list of every registered gem name, `get_compact_index_names` gives you a newline-separated dump. If you need more detail on all available versions for a single package, run `get_compact_index_info`. You can also grab a compact index containing the names, versions, and MD5s for every gem using `get_compact_index_versions`. To get the full rundown of version numbers for any given gem, call `get_gem_versions`; alternatively, you'll find the absolute most recent build number with `get_latest_gem_version`, or narrow down versions created between specific dates using `get_timeframe_versions` (you gotta use ISO8601 format for those dates). You can get core information about a single gem version using API v2 via `get_gem_version_details_v2`.

**Usage Tracking and Dependency Mapping**

Want to know how popular stuff is? You can retrieve the total download count across every gem in the registry with `get_downloads`. For specific metrics, you'll get download statistics for a single gem and its exact version number using `get_gem_downloads`. To see which gems depend on yours, check the dependency graph using `get_reverse_dependencies`. You can also pull usage data for all 50 most recently updated gems with `get_just_updated_activity` or see the 50 newest additions to the registry via `get_latest_activity`.

**Ownership and Access Control**

The server lets you audit who owns a gem. You can view every current owner or account for a package using `get_gem_owners`. If you need to change ownership, use `add_gem_owner` to bring on a new owner account, `remove_gem_owner` to take someone off the list, or `update_gem_owner` to modify an existing role. You'll also see which gems your user account has permission to publish updates for by calling `get_owner_gems`, and you can get a complete list of all gems *you* have publishing access to using `list_my_gems`. If you want to see basic public info about any user, run `get_profile`; or check out your own credentials and MFA setup with `get_my_profile`.

**Lifecycle Management and Publishing**

You're managing the code base here. You can submit a brand new version of your gem by uploading its compiled, base64 encoded binary data (.gem file) using `push_gem`. If you need to remove a specific version from public resolution—like it had a bug—use `yank_gem` to take that version offline. For managing external connections, you can set up a webhook endpoint that triggers on specified gem events (it applies globally if you use *), and then test whether that setup actually works by manually firing the webhook with `fire_webhook`; you'll remove any configured hook using `remove_webhook`. You can list all webhooks already registered for your account via `list_webhooks`.

**Authentication & Account Management**

Your AI client handles authentication too. You retrieve your personal API key using HTTP Basic Authentication credentials with `get_api_key`, and if you're dealing with OAuth, you can swap an OIDC ID token for a temporary, usable API key by calling `exchange_oidc_token`.

## Tools

### add_gem_owner
Adds a new owner account to an existing gem package.

### create_webhook
Sets up a webhook endpoint that triggers on specified gem events (can apply to all gems using *).

### exchange_oidc_token
Swaps an OIDC ID token for a temporary, usable API key.

### fire_webhook
Tests whether a previously created webhook is working correctly by firing it manually.

### get_api_key
Retrieves your personal API key using HTTP Basic Authentication credentials.

### get_compact_index_info
Returns a text list showing all versions available for one specific gem.

### get_compact_index_names
Provides a simple, newline-separated list of every registered gem name.

### get_compact_index_versions
Returns a compact index containing the names, versions, and MD5s for all gems.

### get_downloads
Retrieves the total number of downloads across every gem in the registry.

### get_gem_downloads
Retrieves download statistics for both a specific gem and its precise version number.

### get_gem_owners
Displays a list of all users or accounts that currently own the gem.

### get_gem
Gets the basic, core information about a single specified gem package.

### get_gem_version_details_v2
Returns highly detailed information for one specific gem version using API v2.

### get_gem_versions
Retrieves a complete list of every available version number for a single gem.

### get_just_updated_activity
Pulls the 50 most recently updated gems in the entire registry.

### get_latest_activity
Pulls the 50 most recently added gems to the registry.

### get_latest_gem_version
Finds and reports the absolute latest version number for any given gem.

### get_my_profile
Shows your own account profile details, including whether Multi-Factor Authentication is set up.

### get_owner_gems
Lists all the gems that a specified user has permission to publish or push updates to.

### get_profile
Displays basic public information about any user account on the platform.

### get_timeframe_versions
Finds and lists gem versions created within a specific date range (dates must be in ISO8601 format).

### list_my_gems
Lists all the gems that the authenticated user currently has publishing access to.

### list_webhooks
Displays a list of all webhooks you have registered and configured for your account.

### push_gem
Submits a new version of a gem by uploading its compiled, base64 encoded binary data (.gem file).

### remove_gem_owner
Removes an owner account from the ownership list of a specific gem.

### remove_webhook
Deletes and removes a registered webhook endpoint.

### get_reverse_dependencies
Lists all other gems that explicitly require or depend on the specified gem package.

### search_gems
Searches for active gems based on a query string; results are paginated (30 per page).

### update_gem_owner
Changes the role or status of an owner account associated with a gem.

### yank_gem
Removes (yanks) a specific version of a gem from the public index, making it unavailable for dependency resolution.

## Prompt Examples

**Prompt:** 
```
Search for Ruby gems related to 'redis' and show me the top results.
```

**Response:** 
```
I've searched RubyGems.org for 'redis'. The most relevant gems are 'redis' (the official client), 'redis-namespace', and 'redis-objects'. Would you like the full metadata for the main 'redis' gem?
```

**Prompt:** 
```
What is the latest version of the 'rails' gem and when was it released?
```

**Response:** 
```
Using `get_latest_gem_version`, I found that the latest version of 'rails' is 7.1.3.2. It was released on February 21, 2024. Do you want to see the download statistics for this version?
```

**Prompt:** 
```
Show me the download count for 'sidekiq' version 7.2.0.
```

**Response:** 
```
I've retrieved the stats using `get_gem_downloads`. For 'sidekiq' version 7.2.0, there have been approximately 1.2 million downloads. The total downloads for all versions of Sidekiq exceed 150 million.
```

## Capabilities

### Search and Discover Gems
You can search for gems by name, retrieve basic metadata, and pull full details about any specific package.

### Audit Gem Ownership and Roles
The server lets you view all current gem owners (`get_gem_owners`) and modify ownership roles using tools like `add_gem_owner` or `remove_gem_owner`.

### Track Versioning History
Retrieve comprehensive lists of every version, identify the latest build, or filter versions by a specific date range.

### Analyze Package Usage Metrics
Get download counts for an entire gem or a single version. You can also see which gems depend on your package using `get_reverse_dependencies`.

### Manage Gem Lifecycle
Submit new versions of your code with `push_gem`, list all your owned packages (`list_my_gems`), or even remove a gem version from the index using `yank_gem`.

## Use Cases

### Auditing a Supply Chain Risk
A security researcher needs to know if a gem they rely on has been compromised. They ask their agent: 'List all owners for the 'rails' gem and show me any gems that depend on it.' The agent runs `get_gem_owners` and then follows up with `get_reverse_dependencies`, providing an immediate risk assessment.

### Checking Release Readiness
A developer just finished a feature. Before pushing, they ask the agent: 'What is the latest version of my gem? And how many downloads did v1.0 track last month?' The agent uses `get_latest_gem_version` and then queries `get_gem_downloads`, confirming readiness before calling `push_gem`.

### Investigating a Legacy Gem
A team member finds an old gem used somewhere. They ask: 'Show me all versions of this gem, and also list every other package that uses it.' The agent runs `get_gem_versions` for historical context and then calls `get_reverse_dependencies` to find the root cause.

### Onboarding a New Contributor
A developer needs to grant publishing rights. They ask: 'Who owns this gem, and how do I add John Doe as a secondary owner?' The agent runs `get_gem_owners` first, then uses `add_gem_owner`, keeping the entire process within the conversation flow.

## Benefits

- Check gem metadata instantly. Instead of running `gem spec` repeatedly, ask your agent to use `get_gem` for immediate details on any package.
- Master dependency mapping. Running `get_reverse_dependencies` tells you exactly which other gems rely on the one you're building—crucial before a release.
- Keep track of usage metrics without leaving chat. Use `get_gem_downloads` to see how many times a specific version of Sidekiq has been downloaded, all in one prompt.
- Manage ownership risks with precision. Tools like `add_gem_owner`, `remove_gem_owner`, and `update_gem_owner` let you control who can publish code after running basic checks.
- Streamline release management. Use `get_latest_gem_version` to find the current stable build, then use `push_gem` to submit your fix—all without manual CLI switching.

## How It Works

The bottom line is that it lets you manage Ruby package metadata using conversation instead of jumping through command-line flags.

1. Subscribe to the RubyGems server and provide your API Key.
2. Ask your AI client for a specific action—for example, 'What are the dependencies for rails?'
3. The agent executes `get_reverse_dependencies` and gives you a clean list of all relying gems.

## Frequently Asked Questions

**How do I check how many times a gem has been downloaded using get_gem_downloads?**
Use `get_gem_downloads` and provide the exact gem name and version number. This tool returns specific stats, while `get_downloads` gives you the total count across all versions.

**What is the difference between get_gem and search_gems?**
`search_gems` finds potential matches based on a query string (like 'redis'). Once you select one, use `get_gem` to pull the complete, basic metadata for that specific gem package.

**Can I list all gems owned by my account using list_my_gems?**
Yes. Running `list_my_gems` retrieves a definitive list of every gem you have push access to, which is useful for inventorying your published work.

**How do I see what gems depend on my current package? (get_reverse_dependencies)**
You call `get_reverse_dependencies` and pass the name of your gem. The server then returns a list of every other registered gem that requires yours, which is critical for impact assessment.

**If I lose access, how can I retrieve my API credentials using get_api_key?**
The `get_api_key` tool retrieves your current API key using HTTP Basic Auth. This is the primary way to re-establish connection credentials for your AI client when you don't have them handy.

**What happens when I use remove_gem_owner on a gem?**
The `remove_gem_owner` tool revokes another user's ownership status from the specified gem. This is crucial for managing security and access rights to your packages.

**Is using yank_gem permanent, or can I restore a removed version?**
Yanking a gem removes that specific version from the public index listing. It's an explicit action designed to prevent accidental usage of potentially faulty code.

**Using get_compact_index_names, what format does the output provide?**
The `get_compact_index_names` tool returns a simple newline-delimited list. This makes it easy for your agent to process and iterate through every available gem name at once.

**Can I see which gems depend on a specific gem?**
Yes! Use the `get_reverse_dependencies` tool with the gem name. It will return a list of all gems on RubyGems.org that list that gem as a dependency.

**How do I check my own gems and their status?**
By providing your API key, you can use the `list_my_gems` tool. This will display all gems where you have push access and ownership rights.

**Can I get the full version history of a package?**
Absolutely. The `get_gem_versions` tool retrieves every published version of a specific gem, allowing you to audit changes and release frequency.