Bun Runtime Begins Rewrite from Zig to Rust
Original: Rewriting Bun in Rust
Why This Matters
A Rust rewrite signals Bun's push for production-grade memory safety as adoption scales across major cloud platforms.
JavaScript runtime Bun, acquired by Anthropic in December 2025, has announced a rewrite of its codebase from Zig to Rust. Creator Jarred Sumner cited ongoing memory safety bugs — including use-after-free and heap out-of-bounds crashes — as key motivation. A pre-release version of Claude Fable 5 was used to assist the migration.
Bun, the JavaScript/TypeScript runtime that now sees over 22 million monthly CLI downloads, is undergoing a significant rewrite from Zig to Rust. The announcement was made by Bun creator Jarred Sumner, who noted that Bun was acquired by Anthropic in December 2025 and that he used a pre-release version of Claude Fable 5 to assist with much of the Rust rewrite.
Sumner originally chose Zig in April 2021, porting esbuild's transpiler line-for-line as the starting point. He credited Zig as the reason he was able to build Bun's expansive feature set — including a bundler, npm-compatible package manager, Jest-like test runner, and Node.js API compatibility layer — within a single year from a one-bedroom apartment.
However, Bun's broad scope has created persistent stability challenges. The v1.3.14 release alone fixed multiple memory safety issues: heap-use-after-free bugs in node:zlib and node:http2, use-after-free in UDPSocket, out-of-bounds reads in Buffer operations, and multiple memory leaks in TLS and crypto subsystems. These classes of bugs are the primary driver behind the shift to Rust's memory safety model.
Bun is widely used in production environments, with Vercel, Railway, and DigitalOcean offering first-party support. Tools including Claude Code and OpenCode rely on Bun as their runtime.