I find the current Bun situation extremely interesting. Bun is turning into a public case study which mirrors what some of us engineers are dealing with at work - leadership has some objective, they’re convinced AI tooling can help them get there faster and cheaper, and engineers are pressured to keep up.
Last December, Anthropic acquired Bun [cit]. The tool was developed by Oven [cit], a company founded and led by Jarred Sumner [cit]. If you’re not familiar, Bun [cit] is an all-in-one JavaScript/TypeScript/JSX toolkit written in Zig with a heavy focus on performance and speed. It attempts to provide many of the capabilities which JavaScript’s messy ecosystem have struggled with - these includes webpacking and bundling, package management, DOM-compatible test running, and even the JavaScript runtime itself. The tool also chooses more sensible default behaviors, such as blocking execution of scripts for installed dependencies by default [cit]. This example makes Bun meaningfully safer than NPM [ast https://github.com/oven-sh/bun/blob/main/src/install/default-trusted-dependencies.txt] and would have decreased the blast radius of the Shai-Hulud attack (renewed in November 2025).
Anthropic and Bun have some history together. Claude Code is a TypeScript project which uses Bun for building and package management [cit https://github.com/codeaashu/claude-code/blob/main/package.json]. We know this from Chaofan Shou’s discovery that the entire Claude Code source was bundled with the claude-code NPM package [cit].
The Licensing Issue
According to Anthropic:
Bun will remain open source and MIT-licensed, and we will continue to invest in making it the runtime, bundler, package manager, and test runner of choice for JavaScript and TypeScript developers.
This may bring to mind historical analogies such as Terraform, which underwent a license change from MPL to BUSL in August 2023 under Hashicorp and resulted in the OpenTofu fork [cit], or ElasticSearch, which was moved off an open-source license in January 2021 by Elastic (Elastic blamed competition from a closed-source fork maintained and sold by Amazon Web Services).
Another parallel is Berkeley DB, an embedded database released by Sleepycat Software in 1996. Berkeley DB was originally dual-licensed; the software was offered with both a standard commercial license and an open-source “GPL-ish” Sleepycat license [cit https://web.archive.org/web/20080906125402/http://searchenterpriselinux.techtarget.com/originalContent/0,289142,sid39_gci1071880,00.html]. In 2006, Sleepycat was acquired by Oracle and the licensing structure for Berkeley DB was changed by Oracle in 2013. While the new dual-license model still included a copyleft open-source choice, it became more pragmatic for closed-source, commercial, and even some open-source projects to either buy Oracle’s commercial license or phase-out use of the tool in their projects [cit https://web.archive.org/web/20190127044822/https://article.gmane.org/gmane.linux.debian.devel.legal/35034] [cit https://lists.debian.org/debian-devel/2014/06/msg00338.html].
If you build a project with Bun today, you can necessarily avoid tool lock-in since the tool is built to support modern tooling and standards for JavaScript and TypeScript based projects. Also, alternative tooling (e.g. Deno) provides some of the same breadth as Bun [cit. Deno]. Still - it’s not hard to believe that Anthropic’s goals may be in direct conflict with Sumner’s longer term priorities for the software, and that this may result in a change in the licensing model.
The AI Rewrite Issue
Recently, there’s been a lot of activity within the Bun repository [cit] on GitHub. Here’s a summary of the timeline (for context, take a look at Zig’s anti-LLM policy first [cit https://simonwillison.net/2026/Apr/30/zig-anti-ai/ https://ziglang.org/code-of-conduct/]):
May 4, 2026: Sumner adds a Zig-to-Rust porting guide on a divergent branch. This Markdown guide is designed as a detailed system prompt for (most likely) Claude Code [cit]. May 5, 2026: A HackerNews user picks up on this commit. The commit is pushed to the front page and Sumner responds:
I work on Bun and this is my branch
This whole thread is an overreaction. 302 comments about code that does not work. We haven’t committed to rewriting. There’s a very high chance all this code gets thrown out completely.
I’m curious to see what a working version of this looks, what it feels like, how it performs and if/how hard it’d be to get it to pass Bun’s test suite and be maintainable. I’d like to be able to compare a viable Rust version and a Zig version side by side.
May 5 - May 14, 2026: More than 6700 commits were pushed to the branch, mainly by Sumner.
May 14, 2026: The divergent branch was merged to main and introduced to the canary release of Bun [cit].
There are a few different ways to interpret this. On one hand, Sumner’s point that Bun now has “compiler-assisted tools for catching & preventing memory bugs” [cit] is inarguable. Rust’s borrow checker can help to eliminate a whole class of memory management bugs inherent in languages like C++ and Zig. Using a tool like Claude Code to rewrite a whole project from one language to another in less than two weeks would have been every systems-level software engineer’s dream five years ago at the peak of “just rewrite it in Rust”.
On the other hand, some Rust rewrites give off a shiny object syndrome-vibe. In the context of Bun, there’s not necessarily a need for elimination of all memory bugs. If you have a mission- or life-critical application which cannot* fail under a memory management bug, you’re not building it on top of Bun (I’m not going anywhere near the JavaScript ecosystem). Surely Anthropic would get more value throwing Sumner and team at some more critical use-cases?
But maybe therein lies the whole point. After all, why would Anthropic spend some likely 9-figure sum to acquire Bun? Perhaps Anthropic noticed industry getting more and more invested into using AI tooling to rewrite large swaths of their IP and needed a case study with Claude Code to brag about. Bun was the perfect target - Anthropic already had stake in Bun, a Zig-to-Rust rewrite was probably already on Sumner’s TODO list, and Sumner could be the talented MTS to lead the rewrite.
One of the arguments I’ve seen against Bun’s rewrite is the code quality. Many of these arguments center around the use of unsafe blocks. Sumner built an AI-generated analysis of Bun’s use of unsafe in response to these criticisms [cit https://bun.com/bun-unsafe-audit]. Make of that what you will.
I think some of the angst surrounding Bun’s rewrite is a reflection of our industry’s current anxieties surrounding AI and LLMs. Much of our industry has never seen a buyer-favored job market, and many engineers are being forced into an ultimatum at their workspace - absorb AI tooling and get ahead of everybody else, or find a new place to write code (or prompt the chat). Engineers feel as if their leadership are happy to view AI tooling as a force-reduction tool instead of a force-multiplying tool and feel their input isn’t being valued. This situation is worsened by the gospel of industry leaders who view their software product as messianic [cit].