Skip to main content

Guide

Bun 1.x in Production: Real-World Performance & 2026

Bun promises 3-5x faster startup and install times. After a year of production deployments, here's what actually holds up — and what to watch out for.

·PkgPulse Team·
0

TL;DR

Bun 1.x is production-ready for most Node.js workloads, but "production-ready" has caveats. The performance claims are real — Bun's HTTP server benchmarks at 3-4x Node.js, installs packages 10-25x faster, and starts up 3x quicker. The gotchas: Node.js compatibility is ~95% but that 5% breaks real packages, native addons don't work, and some edge cases in the runtime differ from Node's behavior. Verdict: use Bun for new greenfield projects; migrate existing Node.js apps only after thorough testing.

Key Takeaways

  • Install speed: 10-25x faster than npm (bun install vs npm install)
  • HTTP throughput: 2-4x faster than Node.js for raw HTTP benchmarks
  • Node.js compatibility: ~95% — most packages work; some native addons don't
  • Built-in bundler, test runner, TS transpiler — replaces several tools
  • Production gotcha: SQLite works natively; other native addons need Node.js

The Performance Claims: What Holds Up

# Install speed (real numbers on a medium project, ~200 deps):
npm install:    45 seconds (cold cache)
yarn install:   38 seconds
pnpm install:   22 seconds
bun install:     3 seconds  ← 15x faster than npm

# These are real numbers. Bun's package manager is written in Zig,
# uses a global cache, and does parallel installs aggressively.
# On CI with warm cache: bun install takes ~0.5-1 second.

# HTTP server throughput (hello world JSON endpoint):
Node.js (22):     ~39,000 req/s
Node.js (Fastify): ~75,000 req/s
Bun (built-in):   ~120,000 req/s (3x Node.js raw, 1.6x Fastify)
Bun (Hono):       ~110,000 req/s

# Startup time (a typical Express-equivalent app):
Node.js:    180ms
Bun:         55ms  (3.3x faster)

# TypeScript execution (no build step needed):
# Instead of: tsc && node dist/index.js
bun run src/index.ts
# Bun transpiles TypeScript on the fly.
# No tsconfig.json required (though it respects it if present).
# Startup: same as running JavaScript.

The Built-In Toolkit (Replaces Several npm Packages)

// 1. TypeScript execution — no build step
// bun run server.ts
// Works directly. No ts-node, no tsx, no tsc first.

// 2. Built-in test runner
import { test, expect, describe } from 'bun:test';

describe('User service', () => {
  test('creates user correctly', async () => {
    const user = await createUser({ email: 'test@example.com' });
    expect(user.email).toBe('test@example.com');
    expect(user.id).toBeDefined();
  });
});
// Run: bun test
// Compatible with Jest's expect API — most Jest tests work with 0 changes

// 3. Built-in bundler
// bunfig.toml or CLI:
bun build ./src/index.ts --outdir ./dist --target node
bun build ./src/index.ts --outdir ./dist --target browser --minify

// Faster than esbuild for many workloads

// 4. Built-in SQLite (no better-sqlite3 needed)
import { Database } from 'bun:sqlite';

const db = new Database('myapp.sqlite');
const users = db.query('SELECT * FROM users WHERE active = ?').all(true);
// Synchronous, fast, no native addon needed

// 5. Built-in file I/O (faster than fs)
const file = Bun.file('./data.json');
const data = await file.json();
await Bun.write('./output.json', JSON.stringify(result));

// 6. Built-in WebSocket (fast, minimal API)
Bun.serve({
  port: 3000,
  fetch(req, server) {
    if (server.upgrade(req)) return;
    return new Response('Not a WebSocket');
  },
  websocket: {
    message(ws, msg) { ws.send(msg); },
    open(ws) { console.log('connected'); },
    close(ws) { console.log('disconnected'); },
  },
});

Node.js Compatibility: The Real Picture

Bun's compatibility goal: "Run Node.js code without modification"
Current reality (Bun 1.x): ~95% compatible

What works:
✅ Express, Fastify, Hono, Koa
✅ Prisma, Drizzle, Mongoose
✅ React, Vue, Svelte (compiled)
✅ TypeScript (native)
✅ Most npm packages (pure JavaScript)
✅ Node.js built-in modules: fs, path, crypto, http, stream, etc.
✅ CommonJS require() and ESM import
✅ Worker threads (basic)
✅ Environment variables (process.env)

What doesn't work:
❌ Native addons (.node files compiled with node-gyp)
   → bcrypt (use bcryptjs instead)
   → sharp (use @cf-workers/image-transform or jimp)
   → canvas (no Bun equivalent yet)
   → Some database drivers (use Bun's built-in SQLite or pure-JS drivers)

⚠️  Works but differently:
→ child_process.fork() — works but interprocess is Node.js only
→ cluster module — partial support
→ Some crypto edge cases differ from Node.js
→ REPL — not identical to Node.js REPL
→ Inspector/debugger — Chrome DevTools works, some differences

Common substitutions when migrating to Bun:
# Instead of:            Use:
bcrypt              →   bun:crypto (Argon2 built-in) or bcryptjs
sharp               →   jimp (pure JS, slower) or skip if edge
node-canvas         →   No drop-in replacement
node-gyp packages   →   Find pure-JS alternatives

Production Deployment Patterns

# Docker with Bun (minimal production image):
FROM oven/bun:1 AS base
WORKDIR /app

FROM base AS install
COPY package.json bun.lockb ./
RUN bun install --frozen-lockfile

FROM base AS release
COPY --from=install /app/node_modules ./node_modules
COPY . .

# Bun compiles to a single executable (optional):
RUN bun build ./src/index.ts --compile --outfile server
EXPOSE 3000
CMD ["./server"]  # Or: CMD ["bun", "run", "src/index.ts"]

# Size comparison:
# node:22-alpine + your app: ~180MB
# oven/bun:1-alpine + your app: ~120MB
# Bun compiled binary (--compile): ~50MB standalone executable

# Vercel (supports Bun natively since 2024):
# vercel.json:
{
  "installCommand": "bun install",
  "buildCommand": "bun run build"
}
# Vercel detects bun.lockb and uses Bun automatically

# Railway, Render, Fly.io: all support oven/bun Docker images
# Cloudflare Workers: NOT Bun (uses V8, not JavaScriptCore)
# AWS Lambda: use the custom runtime with oven/bun base image

Real-World Gotchas Found in Production

// Gotcha 1: process.exit() behavior differs
// In Node.js: process.exit() flushes stdout/stderr before exiting
// In Bun: may not flush in all cases
// Fix: explicit await before exit
await Bun.flush?.();
process.exit(0);

// Gotcha 2: __dirname / __filename in ESM
// Node.js ESM: __dirname is undefined (use import.meta.dirname)
// Bun: supports both __dirname AND import.meta.dirname
// Watch out when sharing code between Node.js and Bun:
const dir = typeof __dirname !== 'undefined'
  ? __dirname
  : new URL('.', import.meta.url).pathname;

// Gotcha 3: Error stack traces
// Bun error stacks look different from Node.js
// Monitoring tools (Sentry, Datadog) may parse them differently
// Sentry's Bun SDK handles this; check your APM tool

// Gotcha 4: require() of .json files
// Node.js: const data = require('./data.json') ✅
// Bun: works, but with import assertions preferred:
import data from './data.json' with { type: 'json' };

// Gotcha 5: Bun.serve vs http.createServer
// Bun.serve is faster but doesn't have the full http.IncomingMessage API
// Express uses http.createServer internally — works fine
// Code directly using http.IncomingMessage: may need adjustment

// Gotcha 6: Long-running tests with fake timers
// Bun's test runner fake timers differ from Jest's in edge cases
// Most tests work; complex timer manipulation tests may need tweaks

Should You Migrate?

Decision framework:

New greenfield project:
→ YES — use Bun. Faster DX (install, startup, TS native).
→ No migration cost; start with Bun's defaults.
→ If you later hit a compatibility wall, switching to Node.js is easy.

Existing Node.js project (no native addons):
→ PROBABLY YES — test first, migrate if tests pass.
→ Step 1: Replace package manager only (bun install instead of npm)
→ Step 2: Run test suite with Bun (bun test or bun run jest)
→ Step 3: Run the server with Bun (bun run src/index.ts)
→ If all 3 pass: you're done, ship it.

Existing project WITH native addons (sharp, bcrypt, canvas):
→ PROBABLY NO — compatibility issues will require code changes
→ Evaluate the specific packages and find pure-JS alternatives
→ Is the migration worth the effort for your team?

High-traffic production service:
→ TEST THOROUGHLY — Bun's behavior differs in edge cases
→ Run parallel: keep Node.js in production, test Bun in staging
→ Load test with realistic traffic patterns
→ If metrics look good for 2+ weeks: migrate

The npm ecosystem consensus (2026):
→ Bun is increasingly used as a package manager even in Node.js projects
→ (bun install works for Node.js projects, just faster)
→ Full Bun runtime adoption is growing but more cautious
→ Greenfield projects: strong Bun adoption
→ Existing production apps: slower, more careful migration

CI/CD with Bun: The Practical Migration

The highest-confidence Bun adoption case — and the one with the smallest risk surface — is replacing npm install with bun install in CI/CD pipelines while keeping Node.js as the runtime. This produces 10-15x faster install steps with zero compatibility risk, because bun install is just a package manager: it reads package.json, resolves dependencies, writes to node_modules, and produces a lockfile. The runtime that executes your code remains Node.js.

For GitHub Actions, the migration is two lines. Add oven-sh/setup-bun@v1 to your workflow, replace npm install with bun install, and optionally cache ~/.bun/install/cache for subsequent runs. The first run on a cold CI cache typically takes 2-5 seconds compared to 30-90 seconds for npm install --frozen-lockfile on a similar project. Subsequent runs with the cache hit take under 1 second. The effective CI cost reduction (in runner-minutes) is significant enough that teams on paid GitHub Actions plans see meaningful monthly savings.

The more ambitious migration — running your application, tests, and build with Bun — requires a staged approach. The recommended sequence for existing projects: first migrate the package manager only (one sprint, essentially zero risk). Then add bun test to run alongside your existing Jest/Vitest suite and compare results (one sprint, low risk). Then optionally switch the runtime for development (one sprint, medium risk). Finally, migrate production if development has been stable for 4+ weeks (one sprint, needs load testing). This four-stage approach takes longer than a weekend rewrite but produces much better outcomes: each stage provides a checkpoint, teams develop Bun-specific knowledge gradually, and production migration happens only after you've validated compatibility at every level.

The bun.lockb binary lockfile deserves specific mention. It's significantly faster to read than package-lock.json but is binary (not human-readable). For PR reviews, git diff on bun.lockb shows only changed package names, not version trees. Teams that relied on readable package-lock.json diffs to catch dependency changes should add bunx bun-lockb-diff or bun-outdated tooling to their review process to maintain the same visibility.

Debugging Bun in Production

Bun's observability story has improved substantially from its early versions, but it still differs from Node.js in ways that matter for production environments.

Crash reporting: Bun generates more detailed crash reports than Node.js by default. When Bun crashes, it writes a crash report to ~/.bun/crash with a segfault or similar low-level error. These crash reports are useful for filing bugs with the Bun team but aren't directly actionable for application developers. The more common production issue is application-level errors, which work identically to Node.js — uncaught exceptions, unhandled promise rejections, and process signals all behave the same.

APM compatibility: Sentry, Datadog, and New Relic all have Bun-compatible SDKs as of 2025. The integration paths are similar to Node.js, but there are edge cases around stack trace format parsing. Bun's stack traces use slightly different formatting for anonymous functions and async boundaries, which can cause APM tools to display source-mapped stacks incorrectly. The Sentry Bun SDK explicitly handles this; Datadog's Bun support is functional but may require configuring custom source map upload paths if your build produces non-standard output directories.

Logging: structured JSON logging works identically to Node.js. console.log(JSON.stringify({ level: 'info', msg: 'handled request' })) produces the same output in Bun and Node.js. Pino and Winston both work in Bun. The only logging-specific gotcha is the process.exit() flush behavior mentioned in the gotchas section — if you're using a logging library that buffers output before flushing, add explicit flush calls before process.exit() to avoid losing the last few log lines on graceful shutdown.

Performance profiling: Bun has a built-in profiler (CPU and memory) accessible via bun --inspect with Chrome DevTools connection. The profiler is Bun-specific — it shows Zig and C++ frames alongside JavaScript frames in the flame graph — which can make it harder to interpret for developers unfamiliar with Bun's internals. For application-level profiling (which functions are slow, not why Bun's runtime is slow), the standard Chrome DevTools CPU profiler produces actionable results. Memory profiling in Bun is still less mature than in Node.js's V8-based profiling toolchain, which means teams debugging memory leaks in Bun applications may need to rely more on heap snapshots exported to standard V8 format.

Bun's Position in the 2026 Ecosystem

The JavaScript runtime landscape in 2026 has three viable production options: Node.js (dominant, 15+ years of production hardening), Deno (TypeScript-native, strong on web standards compliance), and Bun (performance-first, growing compatibility). Each has a clear primary use case and a community that has validated it in production.

Bun's ecosystem position has solidified around specific strengths rather than universal replacement. The case for Bun as primary runtime is strongest when: (1) startup time matters (Lambda cold starts, CLI tools, short-lived serverless functions), (2) the project is greenfield with no native addon dependencies, (3) the team has budgeted time to handle the occasional compatibility edge case. The case for staying with Node.js is strongest when: (1) native addons are core to the project (sharp, canvas, bcrypt), (2) the team needs maximum ecosystem compatibility with no surprises, (3) the deployment environment doesn't support custom Docker images.

The download trend for Bun on npm shows consistent month-over-month growth that has continued through 2025 and into 2026. This growth is primarily driven by bun install adoption in CI/CD rather than runtime adoption — the package manager story has been easier to communicate and has zero compatibility risk. Runtime adoption is growing more slowly, concentrated in new projects rather than migrations of existing Node.js applications. This pattern is healthy: it suggests Bun is finding its real-world positioning as a package manager first, runtime second, rather than making adoption claims that outrun compatibility reality.

The community around Bun has grown substantially since 1.0. The Bun Discord server is active and technically sophisticated, with rapid triage of compatibility reports and frequent releases — often weekly — that address reported issues. The maintainer team (primarily at Oven SH, Bun's parent company) has shown willingness to break their own APIs in service of better compatibility when Node.js compatibility and Bun's original design conflict. This responsiveness is a meaningful signal about long-term maintainability, even for teams that aren't yet ready to adopt Bun in production.

The Team Adoption Decision: What Signals Matter

When teams evaluate whether to adopt Bun, they often focus on benchmarks — startup speed, HTTP throughput, install time. These numbers are real and significant. But the decision factors that actually drive adoption or rejection in practice are different from the benchmark headline numbers.

The most common adoption driver in 2026 is CI/CD pain. Teams that had a 60-second npm install step and saw it drop to 4 seconds after switching to bun install become evangelists within their organization. The value is visible, measurable, and requires zero application code changes. These teams often end up exploring Bun's runtime capabilities as a second step — they adopted the package manager for pragmatic reasons and then ask "what else can Bun do?" This organic discovery pattern has been more effective for Bun's adoption than direct runtime evangelism.

The most common adoption blocker is the first compatibility failure. A team that hits a native addon issue (sharp for image processing, bcrypt for password hashing) during an initial evaluation often abandons the evaluation entirely, even when the blocking package represents a small fraction of the project's functionality. The lesson for teams: before starting a Bun evaluation, audit your node_modules for any packages that use native addons (.node files) or list any package with node-gyp in their build scripts. These are the packages most likely to break. If the list is empty or small, the evaluation risk is low. If the list includes a core package like your database driver or image processing library, address that blocker first before investing in the broader migration.

The signals that predict successful Bun adoption in a team: greenfield project or major rewrite underway (no legacy compatibility debt), TypeScript-heavy codebase (Bun's native TypeScript execution is a meaningful DX win), and a performance-conscious culture that has already internalized the value of fast feedback loops. Teams that measure time-to-first-response in their CI pipelines, track cold start times on their serverless functions, and benchmark install time as an explicit metric are the teams most likely to adopt Bun and realize its benefits. Teams that treat these as "nice to have" rather than tracked metrics tend to deprioritize Bun even when the technical benefits are clear.

Bun's Impact on the npm Ecosystem

Bun's arrival changed behavior across the npm ecosystem in ways beyond just "another runtime." Three significant ecosystem effects are worth tracing.

First, Bun's bundler put pressure on esbuild's position as the fast bundler benchmark. Bun builds are faster than esbuild for many workloads, and Bun's bundler is still maturing. This pressure, combined with Rspack's progress, has forced the entire bundler landscape to accelerate. Vite's planned migration to an alternative bundler backend — Rolldown, which is a Rust rewrite of Rollup — is at least partly a response to the performance pressure Bun and Rspack created. The bundler ecosystem in 2026 is measurably faster than it was in 2023, and competitive pressure from Bun is a significant reason.

Second, Bun popularized the lockfile-as-performance story. bun.lockb — a binary lockfile — is significantly faster to read and write than yarn.lock or package-lock.json. In response, npm 7 and later improved lockfile performance, and pnpm already had competitive lockfile handling. The concept that your package manager is a CI performance bottleneck — which Bun made visceral with 15x faster installs — is now part of every CI/CD performance conversation. Teams that previously accepted a 45-second npm install as unavoidable now benchmark their install step and optimize it.

Third, Bun's built-in bun:test test runner accelerated migration away from Jest in the Bun community and beyond. The existence of a zero-config, Jest-compatible test runner built into the runtime normalized the idea that your runtime should include a test runner. This is now part of Node.js's own roadmap — the --experimental-test-runner flag became stable in Node.js 20, and Node's built-in test runner is a direct response to the pressure from Bun and Deno, both of which shipped built-in testing from day one. Bun didn't just compete with Node.js; it influenced Node.js's feature roadmap.

Bun Test vs Vitest: The Real Comparison

For teams running Bun, the choice between Bun's built-in test runner and Vitest comes down to ecosystem maturity and the specific tooling your tests depend on. Both are valid choices in 2026, and the decision framework is relatively clear.

Bun's test runner is Jest-compatible and fast. It reuses Bun's native runtime, so there's no separate V8 process startup. For a medium project, bun test completes in about 200ms cold start versus Vitest's 500ms and Jest's 6,000ms. The gap closes on subsequent runs in watch mode — both Bun and Vitest are fast enough that the difference becomes imperceptible for most test suites once the watcher is running.

Where Bun's test runner falls short in 2026: less mature mocking behavior, fewer third-party test utilities tested against bun:test, and inconsistent coverage reporting on complex TypeScript setups. Coverage with bun test --coverage is in active development and has improved substantially, but it still lags Vitest's coverage integration in edge cases involving path aliases and monorepo setups.

For greenfield projects using Bun as the runtime, bun:test is the default choice — it's fast, requires zero config, and the API is identical to Jest. If you're writing new code and have no existing test infrastructure, there's no reason to add Vitest as a dependency. For projects migrating from Node.js to Bun, or teams that rely on Jest ecosystem tooling — jest-axe for accessibility testing, @testing-library/jest-dom matchers, or custom Jest reporters — Vitest is the safer path. You can run Vitest on Bun as its pool runtime, which gives you the Vitest ecosystem with Bun's performance on the execution side.

The practical recommendation: use bun:test for new Bun projects with no prior Jest-ecosystem dependencies. Use Vitest if you have Jest-ecosystem tooling that you're not ready to audit, or if you need coverage tooling that Bun's built-in coverage doesn't yet fully support.

The 2026 Ecosystem Verdict

Eighteen months of production Bun deployments have clarified the use cases where adoption makes the most business sense.

CI/CD pipelines where bun install replaces npm install is the highest-confidence migration available. The 10–25x install speed improvement is real, the compatibility risk is essentially zero — you're just installing packages faster — and the only change required is switching one command in your CI config. Many teams have made this change on pure Node.js projects without touching the runtime at all. The cost is near-zero; the benefit is immediate.

New greenfield projects where performance matters at startup — APIs, CLI tools, background jobs — Bun's 3x startup advantage compounds over millions of invocations. Lambda cold starts that averaged 500ms are now 150ms. For these projects, Bun is the rational default in 2026. You're not paying a compatibility tax because you have no legacy compatibility to preserve.

Existing Node.js monoliths with native addon dependencies — sharp for image processing, bcrypt for password hashing, canvas for server-side rendering — are the cases where Bun migration is not worth it. The compatibility work required to find pure-JS alternatives for native modules often exceeds the performance benefit for mature applications with established workflows and teams that already know the tooling. The migration cost is real and the benefit, for a mature app that's not latency-sensitive, may not justify the disruption.

The ecosystem's emerging consensus is consistent enough to call a standard: Bun as package manager is universally recommended, even for Node.js projects. The install speed benefit requires no runtime compatibility work. Bun as runtime is recommended for new projects and worth testing for existing ones — but with a staged migration approach that runs production traffic on Node.js while validating Bun on staging for two or more weeks, rather than a one-weekend rewrite. The projects that have had the best outcomes with Bun migration are the ones that treated it as a measured performance optimization, not a wholesale platform switch.

Compare Bun vs Node.js download trends at PkgPulse.

Compare Bun and Node.js package health on PkgPulse.

See also: got vs node-fetch and Bun vs Vite, Best JavaScript Runtime in 2026: Node.js vs Deno vs Bun.

See the live comparison

View bun vs. node on PkgPulse →

The 2026 JavaScript Stack Cheatsheet

One PDF: the best package for every category (ORMs, bundlers, auth, testing, state management). Used by 500+ devs. Free, updated monthly.