Bun Rewrites Its Core in Rust, Shrinks Binary by Up to 8 MB
Key Takeaways
- Bun's Rust rewrite has been merged and is available in canary builds
- Binary size drops by 3 MB to 8 MB depending on platform
- The rewrite fixes several memory leaks and flaky tests while maintaining the same architecture
What Just Happened
Jarred Sumner, creator of Bun, merged pull request #30412 on May 8, 2026. The PR rewrites Bun's core from Zig to Rust. It's now live in canary builds.
This is a big deal for the JavaScript runtime that has positioned itself as a faster, all-in-one alternative to Node.js. Bun handles package management, bundling, testing, and runtime execution. Rewriting its foundation in Rust gives the team access to the language's memory safety guarantees without sacrificing performance.
The Technical Details
According to Sumner's notes in the PR, the Rust rewrite passes Bun's entire pre-existing test suite on all platforms. It also fixes several memory leaks and flaky tests that had plagued the project.
The architecture stays the same. So do the data structures. Bun still uses few third-party libraries. And there's no async Rust, which is notable. Async Rust has a reputation for complexity, and avoiding it keeps the codebase more straightforward.
Benchmarks range from neutral to faster. Sumner didn't release specific numbers yet, but promised a blog post with details. The real win, as he describes it, is tooling: Rust's compiler catches memory bugs that previously cost the team enormous development and debugging time.
How to Try It
If you want to test the Rust-based Bun, run:
bun upgrade --canarySumner asked users to file issues if they hit problems. He also noted there's still optimization and cleanup work before this lands in a stable release. Expect follow-up PRs.
Why Rust, Why Now
Bun was originally written in Zig, a systems language that offers manual memory control and C interop. Zig is fast and lean, but it lacks Rust's borrow checker. The borrow checker is Rust's signature feature. It prevents entire categories of memory bugs at compile time rather than runtime.
For a project like Bun, which handles complex operations like bundling, transpiling, and package resolution, memory bugs are a constant threat. They cause crashes, security vulnerabilities, and unpredictable behavior. Sumner's comment about the "enormous amount of development and debugging time" suggests these issues were a real drag on the project.
Rust also has a larger ecosystem and community than Zig. More developers know it. More tools support it. That could help Bun attract contributors.
What Stays the Same
The user-facing API isn't changing. If you're using Bun today, your code should work the same way after the Rust rewrite lands in stable. The architecture, data structures, and minimal dependency philosophy all remain.
This is a foundation change, not a product pivot. Bun is still Bun. It just has a more robust engine underneath.
Logicity's Take
What to Watch For
Sumner promised a blog post with more details. That should include specific benchmark numbers and a deeper explanation of the migration process. Given the complexity of rewriting a JavaScript runtime, that post will likely be a valuable case study for anyone considering a similar migration.
The canary period will reveal edge cases. If you depend on Bun in production, wait for the stable release. If you're curious or want to help find bugs, now's the time to test.
Frequently Asked Questions
Is Bun now written entirely in Rust?
The core has been rewritten in Rust. The overall architecture and data structures remain the same, and Bun still uses few third-party libraries.
Will the Bun Rust rewrite break my existing code?
No. The rewrite passes Bun's entire existing test suite. Your code should work the same way.
When will the Rust version of Bun be stable?
It's currently in canary. Sumner said there's still optimization and cleanup work before a stable release, but didn't give a specific date.
Is the Rust version of Bun faster?
Benchmarks range from neutral to faster according to Sumner. Specific numbers haven't been released yet.
Why did Bun switch from Zig to Rust?
Rust's compiler-assisted memory safety tools help catch and prevent bugs that were costing the team significant debugging time.
Need Help Implementing This?
Source: Hacker News: Best
Manaal Khan
Tech & Innovation Writer
Related Articles
Browse all
Robotaxi Companies Are Hiding How Often Humans Take the Wheel
Autonomous vehicle firms like Waymo and Tesla are under scrutiny for refusing to disclose how often remote operators step in to control their self-driving cars. A Senate investigation reveals major gaps in transparency, raising safety and accountability concerns.
Wisconsin Governor Throws a Wrench in Age Verification Plans
Wisconsin Governor Tony Evers has vetoed a bill that would have required residents to verify their age before accessing adult content online, citing concerns over privacy and data security. This move comes as several other states have already implemented similar age check requirements. The veto has significant implications for the future of online age verification.
Apple's App Store Empire Under Siege: The Battle for the Future of Tech
The long-running feud between Apple and Epic Games has reached a boiling point, with Apple preparing to take its case to the Supreme Court. The tech giant is fighting to maintain control over its App Store, while Epic Games is pushing for more freedom for developers. The outcome could have far-reaching implications for the entire tech industry.
Tesla's Remote Parking Feature: The Investigation That Didn't Quite Park Itself
The US auto safety regulators have closed their investigation into Tesla's remote parking feature, but what does this mean for the future of autonomous driving? We dive into the details of the investigation and what it reveals about the technology. The National Highway Traffic Safety Administration found that crashes were rare and minor, but the investigation's closure doesn't necessarily mean the feature is completely safe.
Also Read
Cisco SD-WAN Zero-Day Exploited: CISA Orders Patch by May 17
Cisco disclosed a critical authentication bypass flaw in its Catalyst SD-WAN Controller that attackers have been exploiting in the wild. The vulnerability allows attackers to gain administrative privileges and manipulate network configurations. CISA has added it to the Known Exploited Vulnerabilities catalog with a three-day patch deadline.
5 New Shows to Stream This Weekend on Netflix, Paramount+
This weekend brings a Heat-inspired crime thriller to Netflix, the second season of Rivals on Hulu, and new content from Taylor Sheridan's Yellowstone universe. Here's what's worth your streaming time from May 15-17.
VW ID.Buzz Returns for 2027 with Camping-Ready Tourer Trim
Volkswagen has confirmed the ID.Buzz electric van is back for model year 2027 after skipping 2026. The lineup adds two new all-wheel-drive trims, including a Tourer model with a fold-out bed, removable blinds, and overnight camping features.