Bun’s Rust rewrite is not just a Rust versus Zig story
Bun turned a million-line language migration into a public test of AI-assisted open source engineering. The useful lesson is about tests, CI and human ownership.
Bun's move from Zig to Rust would have been a big open source story even without AI. Bun is a serious JavaScript and TypeScript runtime, package manager, bundler and test runner. It has millions of monthly downloads, a large GitHub audience and real use in developer tools.

But the rewrite became the open source argument of the week because of how it happened. Jarred Sumner's July 8 post says Bun was acquired by Anthropic in December 2025, that the Bun team now works at Anthropic, and that a pre-release version of Claude Fable 5 was used for much of the port from Zig to Rust. Andrew Kelley, the creator of Zig, responded the next day with a long and sharp post of his own. Two Hacker News threads then turned into a public review of the rewrite, the language choice, the use of AI agents, the tone of the debate and the health of relationships around infrastructure projects.
The easy version of the story is "Rust beat Zig." That is too small. The more useful version is this: Bun has turned the old rule against large rewrites into a live experiment. Can a big infrastructure project now attempt a language migration that used to be almost forbidden if it has a strong test suite, compiler feedback, CI, human review and enough AI agent capacity?
That question matters well beyond Bun.
What changed
Bun started as a Zig project. Sumner's post is explicit about why: Zig made the early version possible. Bun began as a fast-moving port of esbuild's JavaScript and TypeScript transpiler from Go to Zig, then grew into a much broader toolkit: transpiler, minifier, bundler, npm-compatible package manager, Jest-like test runner, module resolver, HTTP and WebSocket client, and Node.js API implementations.
That scope made Bun useful. It also made it hard to keep stable. The Bun post lists recent bugs in areas such as node:zlib, node:http2, UDP sockets, Buffer behavior, TLS session handling, fs.watch, CSS parsing and JavaScriptCore interaction. Many of the examples are memory lifetime failures: use-after-free, double-free, forgotten cleanup and leaks on error paths.
Sumner is careful not to say Zig is broken. His argument is more specific: Bun sits in an awkward place where a JavaScript runtime, JavaScriptCore garbage collection, native resources, C/C++ boundaries, asynchronous callbacks and manual memory management all meet. In that environment, moving more ownership and cleanup rules into the compiler became attractive.
Safe Rust does not remove every risk. It does not make FFI safe. It does not erase unsafe blocks. It does not prove that tests cover every behavior. But for a project drowning in resource lifetime bugs, Rust's ownership model and Drop semantics can move a meaningful class of mistakes from production crashes into compile-time work.
The scale was not normal
The merged GitHub pull request, oven-sh/bun#30412, is the part that makes the discussion concrete. The briefing and GitHub checks show it was merged in May, with thousands of commits, more than two thousand changed files and roughly a million additions. The repository currently reports Rust as its primary language on GitHub.
That is not a weekend refactor. It is a codebase migration.
It is also not a normal manual rewrite. Sumner describes an agentic process built around workflows, trial runs, compiler errors, test failures, adversarial review and process changes when the agents produced bad behavior. Simon Willison called the post a detailed case study in agentic engineering and highlighted one enabling factor: Bun's large TypeScript test suite could act as a conformance suite independent of the implementation language.
That is the most portable lesson in the whole story. The agents were not trusted because they were clever. They were useful because the project had an external oracle: compile, run tests, compare behavior, repeat. When the test suite is language independent, it becomes a target for a migration rather than a decoration around it.
What AI changed, and what it did not
AI agents changed the economics of the rewrite. A human team still had to design the migration, inspect outputs, tune the process, decide what to merge and own the consequences. But agents could turn compiler errors and test failures into a large parallel work queue.
That does not make million-line rewrites safe by default. It may make them thinkable in a narrow set of projects.
The difference is process maturity. Bun had a large runtime-agnostic test suite, CI, memory testing, fuzzing claims, a compiler that forces many ownership decisions, and a team willing to watch the loop. A project without those conditions should not copy the headline. "Use agents to rewrite everything" is not a strategy. "Build tests that can judge an implementation, then use agents under that judgment" is much closer to a strategy.
This is where the story becomes relevant for maintainers. The AI part is exciting, but the boring part is the control system around it.
Why the dispute became heated
Andrew Kelley's response is more than a technical note. It contains a history of the relationship between Bun and the Zig community, criticism of Bun's engineering practices, concerns about code quality and a broader argument about how venture-backed open source changes project incentives. Some readers focused on those personal and organizational claims. Others wanted a narrower technical defense of Zig.
The sharpness of the response matters because open source projects are not only code. They are communities, reputations, donations, hiring pipelines and identity. Bun had long been one of the most visible Zig success stories. It also donated to the Zig Software Foundation. After the Anthropic acquisition and the Rust rewrite, that relationship became part of the public story.
Open source observers should resist turning this into a scoreboard. Zig did not stop being useful because Bun changed language. Rust did not become a magic solvent because Bun chose it. The event shows how fragile the relationship can be between an application project and the language community that helped it grow.
The technical caveats are real
Rust reduces some classes of bugs, but it does not remove all of Bun's hard problems. Bun still has boundaries with JavaScriptCore and native libraries. Any unsafe Rust, FFI, embedded engine behavior and callback-heavy runtime code can still produce subtle bugs. The GitHub issue about PathString::slice and Miri shows the point: a Rust port can still need better undefined-behavior checking and more CI coverage.
Tests also have limits. They prove the behavior that they exercise. A large conformance suite is valuable, but it is not a mathematical proof that the rewrite matches every edge case. This is especially true for runtimes, package managers and Node-compatible APIs where real-world compatibility is full of strange behavior.
The release status matters too. The latest public release page checked during research still shows Bun v1.3.14 from May as the latest release. Sumner and Willison both point to the Rust port being live in Claude Code from v2.1.181 onward, but ordinary Bun users should still verify the release channel they are using before assuming they are on the Rust implementation.
What users should do
If you use Bun in a production project, the practical advice is not to panic and not to cheer blindly. Track the channel. Read the release notes. Run your own test suite against canary or the relevant release. Watch issues around platform differences, performance regressions, memory behavior, package manager edge cases and Node compatibility.
The rewrite may reduce important memory bugs. It may also introduce new compatibility or behavior differences. Both can be true.
For teams evaluating Bun against Node or Deno, the Rust port is a sign that Bun is becoming more institutional, better funded and more willing to pay down deep technical debt. It is also a sign that Bun's governance and roadmap now sit inside Anthropic's priorities. That is not automatically bad, but it is a factor open source users should notice.
What maintainers can take from it
The best part to copy is not the million-line diff. It is the preparation.
Build a test suite that describes behavior without depending on implementation details. Make it easy to run in CI. Measure performance and compatibility before and after. Add fuzzing and memory checks where they matter. Use small trial migrations before large ones. Treat compiler errors as feedback, not as a nuisance. Review the process that generates code, not only the final patch. Keep a human owner accountable for the merge.
The worst part to copy is the drama. Language migrations are already emotional. If a project has benefited from a language ecosystem, it should communicate clearly, credit the old choice fairly and explain the new choice without turning the community into collateral damage. If a language community feels burned, it should still separate technical critique from personal grievance.
The open source lesson
Bun's Rust rewrite is worth watching because it may mark a new category of open source event: AI-assisted infrastructure migration done in public, with enough tests and real users to make the outcome measurable.
It does not prove that agents can safely rewrite any project. It does prove that the boundary of what maintainers will attempt is moving.
For Open Source Radar, the useful takeaway is not "choose Rust" or "abandon Zig." It is this: large rewrites are still dangerous, but the cost model is changing. Projects with strong conformance suites, observable behavior, disciplined CI and human review may now try migrations that would once have been dismissed immediately. Projects without those things will only produce a larger mess faster.
AI did not replace engineering discipline in the Bun story. It made discipline more important.
Comments
Sign in to comment.
No comments yet.