Bun hardens fetch, spawn, and parser edges
Spec fixes, crash prevention, and Node-compatibility work landed across fetch, child process spawning, module loading, and markdown.
Read the issue →Spec fixes, crash prevention, and Node-compatibility work landed across fetch, child process spawning, module loading, and markdown.
Read the issue →Major runtime polish: HTMLRewriter refactor, stream/error semantics, WebSocket delivery fixes, Buffer bounds parity, and more.
Read the issue →Major day of Node compat, HTTP/WebSocket correctness, and crash/UAF fixes across Bun’s runtime and networking stack.
Read the issue →Bun fixed several crashers across async context, fetch, websockets, cloning, and source maps, plus a few HTTP correctness bugs.
Read the issue →Major fixes landed for FFI NaN-boxing, Fetch/HTTP backpressure, Node compatibility, and several crash/UAF bugs.
Read the issue →Multiple crash fixes and correctness fixes landed, including a patch-applier guard, router panic fix, and a markdown UAF repair.
Read the issue →Major stream refactor, Node-compat buffer error handling, and a panic/UAF fix in node:http landed today.
Read the issue →Major new APIs, memory-safety fixes, proxy stress coverage, and compression plumbing landed across Bun's runtime and HTTP stack.
Read the issue →Bun adds standalone-executable detection, expands node:vm parity, speeds sourcemap parsing, and tightens fs.cp/macOS behavior.
Read the issue →Backpressure now propagates through serve streams, a Windows fs.rm crash is fixed, and Linux epoll_pwait2 gets an Android-safe fallback.
Read the issue →Bun adds React Compiler integration, tightens JS linting, and expands build/runtime flags for debug/assertion profiles.
Read the issue →Big AST memory reduction lands alongside fs.open flag parity and a Node v8 snapshot API fix, plus a large fs test/behavior port.
Read the issue →Bun fixed a worker-pool shutdown stall, added trusted package listing, removed a Windows teardown crash probe, and landed a major node:http2 rewrite.
Read the issue →Big day for HTTP, net/tls, crypto, streams, and install correctness, plus several crash and leak fixes.
Read the issue →A packed day of crash fixes, correctness fixes, and a Node 26 compatibility bump across Bun's runtime and engine bindings.
Read the issue →Bun tightens Node/Web compatibility and fixes several native leaks and regressions in websocket, fetch, TLS, Postgres, and JSON5.
Read the issue →Bun tightened SQL helper validation, hardened pool scans against unassigned slots, and extended a few container test timeouts.
Read the issue →Bun’s Discord.js docs now walk through a working /ping bot, plus deployment notes and fixed guide links.
Read the issue →Notable bug fixes span SQL refactors, sourcemap output, fetch aborts, Windows lchown, and dev-server module flipping.
Read the issue →Bun tightened SQL pool shutdown/throw handling, deduped SQL internals, and refactored bake sourcemap dispatch to be type-erased.
Read the issue →Bake inspector code is split out, SQL pools now retry startup races, and CI gains smarter Docker coordination plus auto-retries.
Read the issue →Bun now distinguishes refused/early-close SQL connection failures, adds a new JS-visible error code, and tightens ArrayBuffer FFI safety.
Read the issue →Fixes REPL multi-byte input, two CSS parser/minifier DoS bugs, a dev-server CSS crash, and several runtime/refactor issues.
Read the issue →A heavy day of memory-safety fixes, stream/cache correctness, and test infrastructure hardening across Bun’s core runtime.
Read the issue →Bun fixed proxy Basic auth encoding, aarch64 crash-handler traps, and a bundler DCE bug; poll teardown got safer too.
Read the issue →A mixed day of crash fixes and minifier polish: Windows path overflow, DNS UTF-16 handling, empty compressed fetch bodies, and setter type safety.
Read the issue →Several crash fixes landed across sourcemaps, WebSocket close handling, NAPI finalizers, fetch proxy tunneling, and bundler memory safety.
Read the issue →Major stability and correctness work: security-minded CSS limits, HTTP/form parsing fixes, Blob slicing, base64url cleanup, and crash fixes.
Read the issue →