Bun v1.3.7 Bun v1.3.7 introduces significant performance improvements, including a 50% faster `Buffer.from()` for arrays, a JavaScriptCore engine upgrade, and upcoming optimizations for async/await, `Array.from()`, `string.padStart/padEnd`, and `array.flat()`. The update also adds ARM64 performance enhancements, Windows ARM64 JIT and interpreter support, and fixes several bugs, including a race condition in Web Workers and exception handling edge cases. Additionally, `fetch` now preserves HTTP header casing, and a new `Bun.wrapAnsi()` function provides native ANSI-aware text wrapping for CLI tools. To install Bun curl -fsSL https://bun.sh/install | bash npm install -g bun powershell -c "irm bun.sh/install.ps1|iex" scoop install bun brew tap oven-sh/bun brew install bun docker pull oven/bun docker run --rm --init --ulimit memlock=-1:-1 oven/bun To upgrade Bun bun upgrade Faster faster-buffer-from-with-arrays Buffer.from with arrays Buffer.from with arrays Buffer.from is now up to 50% faster when creating buffers from JavaScript arrays. js const data = 1, 2, 3, 4, 5, 6, 7, 8 ; const buf = Buffer.from data ; // ~50% faster This optimization bypasses unnecessary construction overhead and leverages JSC's internal array detection to use bulk copy operations for both integer and floating-point arrays. | Array size | Improvement | |---|---| | 8 elements | ~50% faster | | 64 elements | ~42% faster | | 1024 elements | ~29% faster | JavaScriptCore upgrade javascriptcore-upgrade Bun's underlying JavaScript engine has been upgraded to the latest version of WebKit's JavaScriptCore, bringing performance improvements and bug fixes. Faster async/await faster-async-await In the next version of Bun & Safari — Bun @bunjavascript async/await gets 35% faster, thanks to @Constellation pic.twitter.com/XhUuiIwzRX January 15, 2026 Faster faster-array-from-arguments Array.from arguments Array.from arguments In the next version of Bun & Safari — Bun @bunjavascript Array.from set , Array.from arguments , Array.from map.keys , Array.from map.values gets up to 2x faster thanks to @ sosukesuzuki https://t.co/gC8ljFQBDI January 15, 2026 Faster string.padStart & string.padEnd faster-string-padstart-string-padend In the next version of Bun & Safari — Bun @bunjavascript string.padStart len, fill & string.padEnd len, fill get up to 90% faster, thanks to @ sosukesuzuki https://t.co/TdJTfs6B5G January 15, 2026 Faster faster-array-flat array.flat array.flat In the next version of Bun & Safari — Bun @bunjavascript array.flat gets up to 3x faster, thanks to @ sosukesuzuki https://t.co/3Oll89bxGf January 15, 2026 ARM64 Performance Improvements arm64-performance-improvements On Apple Silicon and other ARM64 platforms, compound boolean expressions like if x === 0 && y === 1 now compile to more efficient conditional compare instruction chains ccmp / ccmn , reducing branch mispredictions and code size. Additionally, floating-point constants can now be materialized directly in registers using ARM64 vector instructions, avoiding unnecessary memory loads. Windows ARM64 windows-arm64 We've added JIT & interpreter support for Windows ARM64 to JavaScriptCore. This was the main blocker for unblocking Windows ARM64 support in Bun. We don't yet support Windows ARM64 in Bun, but it's coming soon. Bug Fixes bug-fixes Fixed: Race condition in thread termination that could cause issues when using Web Workers Fixed: Exception handling edge cases where termination exceptions could be incorrectly cleared during iterator operations and promise handling Fixed: Functions loaded from bytecode cache now correctly respect JIT compilation thresholds instead of compiling immediately on first execution fetch now preserves header case when sending HTTP requests fetch now preserves header case when sending HTTP requestsHTTP headers are technically case-insensitive per RFC 7230, but many APIs expect specific casing. Previously, Bun would lowercase all headers when sending HTTP requests e.g., authorization instead of Authorization , which could break compatibility with services that require exact header names. Now, fetch and the node:https module preserve the original casing of headers exactly as you define them, matching Node.js behavior. // Headers are now sent with their original casing await fetch "https://api.example.com/data", { headers: { "Authorization": "Bearer token123", // sent as "Authorization" "Content-Type": "application/json", // sent as "Content-Type" "X-Custom-Header": "value", // sent as "X-Custom-Header" }, } ; // Also works with the Headers object const headers = new Headers ; headers.set "Content-Type", "text/plain" ; // sent as "Content-Type" Bun.wrapAnsi for ANSI-aware text wrapping Bun.wrapAnsi for ANSI-aware text wrappingBun now includes Bun.wrapAnsi , a native implementation of the popular wrap-ansi https://www.npmjs.com/package/wrap-ansi npm package. It wraps text to a specified column width while preserving ANSI escape codes, making it ideal for CLI tools that need to handle colored or styled output. js const text = "\x1b 31mThis is a long red text that needs wrapping\x1b 0m"; const wrapped = Bun.wrapAnsi text, 20 ; // Wraps at 20 columns, preserving the red color across line breaks API api Bun.wrapAnsi text: string, columns: number, options?: { // Break words longer than columns default: false hard?: boolean; // Wrap at word boundaries default: true wordWrap?: boolean; // Trim leading/trailing whitespace default: true trim?: boolean; // Treat ambiguous-width chars as narrow default: true ambiguousIsNarrow?: boolean; } : string Features features - Preserves ANSI escape codes SGR colors/styles - Supports OSC 8 hyperlinks - Respects Unicode display widths full-width characters, emoji - Normalizes carriage return newline to newline Performance performance Bun.wrapAnsi is 33–88x faster than the wrap-ansi npm package: | Benchmark | npm | Bun | Speedup | |---|---|---|---| | Short text 45 chars | 25.81 µs | 685 ns | 37x | | Medium text 810 chars | 568 µs | 11.22 µs | 50x | | Long text 8100 chars | 7.66 ms | 112 µs | 68x | | Hard wrap colored | 8.82 ms | 174 µs | 50x | | No trim long | 8.32 ms | 93.92 µs | 88x | Markdown CPU Profile Output markdown-cpu-profile-output Bun's built-in CPU profiler now supports a --cpu-prof-md flag that generates profiling data in Markdown format, making it easy to share profiles on GitHub or analyze them with LLMs. Generate markdown profile only bun --cpu-prof-md script.js Generate both Chrome DevTools JSON and markdown formats bun --cpu-prof --cpu-prof-md script.js The markdown output includes: Summary table with duration, sample count, and interval Hot functions ranked by self-time percentage Call tree showing total time including children Function details with caller/callee relationships File breakdown showing time spent per source file All existing flags work with the new format: --cpu-prof-name for custom filenames --cpu-prof-dir for custom output directories Heap Profiling with heap-profiling-with-heap-prof --heap-prof --heap-prof Bun now supports heap profiling via new CLI flags, making it easier to diagnose memory leaks and analyze memory usage in your applications. Generate V8-compatible heap snapshot opens in Chrome DevTools bun --heap-prof script.js Generate markdown heap profile for CLI analysis with grep/sed/awk bun --heap-prof-md script.js Specify output location bun --heap-prof --heap-prof-dir ./profiles --heap-prof-name my-snapshot.heapsnapshot script.js The --heap-prof flag generates .heapsnapshot files that can be loaded directly into Chrome DevTools for visual analysis. The --heap-prof-md flag generates a markdown report optimized for command-line analysis: Summary | Metric | Value | | --------------- | -------: | | Total Heap Size | 208.2 KB | | Total Objects | 2651 | | GC Roots | 426 | Top 50 Types by Retained Size | Rank | Type | Count | Self Size | Retained Size | | ---: | ----------- | ----: | --------: | ------------: | | 1 | Function | 568 | 18.7 KB | 5.4 MB | | 2 | Structure | 247 | 27.0 KB | 2.0 MB | The markdown format includes searchable object listings, retainer chains showing how objects are kept alive, and quick grep commands for finding memory issues: grep 'type=Function' profile.md Find all Function objects grep 'size= 0-9 \{5,\}' profile.md Find objects = 10KB grep 'gcroot=1' profile.md Find all GC roots Native JSON5 Support native-json5-support Bun now includes a built-in JSON5 parser with Bun.JSON5.parse and Bun.JSON5.stringify , plus native .json5 file imports. JSON5 https://json5.org/ is a superset of JSON that adds developer-friendly features like comments, trailing commas, unquoted keys, single-quoted strings, and hexadecimal numbers. It's used by major projects including Chromium, Next.js, Babel, and WebStorm. js // Parse JSON5 strings const config = Bun.JSON5.parse { // Database configuration host: 'localhost', port: 5432, ssl: true, } ; // Stringify objects to JSON5 const output = Bun.JSON5.stringify { name: "app", version: 1 } ; // Import .json5 files directly import settings from "./config.json5"; JSON5 is particularly useful for configuration files where comments and trailing commas improve readability and maintainability. Bun.JSONL for Streaming JSONL Parsing Bun.JSONL for Streaming JSONL ParsingBun now has built-in support for parsing JSONL https://jsonlines.org/ newline-delimited JSON . The parser is implemented in C++ using JavaScriptCore's optimized JSON parser, providing fast parsing for both complete inputs and streaming use cases. Bun.JSONL.parse Bun.JSONL.parse Parse a complete JSONL string or Uint8Array and return an array of all parsed values: js const results = Bun.JSONL.parse '{"name":"Alice"}\n{"name":"Bob"}\n' ; // { name: "Alice" }, { name: "Bob" } // Also works with Uint8Array UTF-8 BOM automatically skipped const buffer = new TextEncoder .encode '{"a":1}\n{"b":2}\n' ; const records = Bun.JSONL.parse buffer ; // { a: 1 }, { b: 2 } Bun.JSONL.parseChunk Bun.JSONL.parseChunk For streaming scenarios, parseChunk parses as many complete values as possible and returns how far it got—useful when receiving data incrementally from a network stream: js const chunk = '{"id":1}\n{"id":2}\n{"id":3'; const result = Bun.JSONL.parseChunk chunk ; result.values; // { id: 1 }, { id: 2 } result.read; // 17 — characters consumed result.done; // false — incomplete value remains result.error; // null — no parse error Use read to slice off consumed input and carry forward the remainder: js let buffer = ""; for await const chunk of stream { buffer += chunk; const result = Bun.JSONL.parseChunk buffer ; for const value of result.values { handleRecord value ; } // Keep only the unconsumed portion buffer = buffer.slice result.read ; } S3 s3-presign-now-supports-contentdisposition-and-type-options presign now supports contentDisposition and type options presign now supports contentDisposition and type optionsFixed an issue where S3File.presign was ignoring the contentDisposition and type options when generating presigned URLs. These options are now properly included as response-content-disposition and response-content-type query parameters. This is particularly useful when you want browsers to download files as attachments instead of displaying them inline: js import { S3Client } from "bun"; const s3 = new S3Client { region: "us-east-1", endpoint: "https://s3.us-east-1.amazonaws.com", accessKeyId: process.env.AWS ACCESS KEY ID, secretAccessKey: process.env.AWS SECRET ACCESS KEY, bucket: "my-bucket", } ; const file = s3.file "report.pdf" ; const url = file.presign { method: "GET", expiresIn: 900, contentDisposition: 'attachment; filename="quarterly-report.pdf"', type: "application/octet-stream", } ; // URL now includes response-content-disposition and response-content-type parameters bun pm pack now respects changes to package.json from lifecycle scripts bun pm pack now respects changes to package.json from lifecycle scripts bun pm pack now re-reads package.json after running prepack , prepare , and prepublishOnly scripts, ensuring any modifications made by these scripts are included in the tarball. This matches npm's behavior and enables compatibility with tools like clean-package https://github.com/roydukkey/clean-package that modify package.json during the pack process. // package.json { "name": "my-package", "version": "1.0.0", "scripts": { "prepack": "node prepack.js" }, "description": "Original description", "devDependencies": { / ... / } } // prepack.js - removes devDependencies before packing const fs = require 'fs' ; const pkg = JSON.parse fs.readFileSync 'package.json', 'utf8' ; delete pkg.devDependencies; pkg.description = 'Production build'; fs.writeFileSync 'package.json', JSON.stringify pkg, null, 2 ; Previously, the tarball would contain the original package.json . Now it correctly contains the modified version. node:inspector Profiler API node:inspector Profiler APIBun now implements the node:inspector Profiler API for CPU profiling via the Chrome DevTools Protocol. Supported methods: Profiler.enable / Profiler.disable Profiler.start / Profiler.stop Profiler.setSamplingInterval Both callback node:inspector and promise node:inspector/promises APIs are supported. python import inspector from "node:inspector/promises"; const session = new inspector.Session ; session.connect ; await session.post "Profiler.enable" ; await session.post "Profiler.start" ; // ... code to profile ... const { profile } = await session.post "Profiler.stop" ; await session.post "Profiler.disable" ; // profile is in Chrome DevTools Protocol format - Fixed: Bun.profile from bun:jsc returning empty traces on subsequent calls Faster faster-buffer-swap16-and-buffer-swap64 Buffer.swap16 and Buffer.swap64 Buffer.swap16 and Buffer.swap64 Buffer.swap16 is now 1.8x faster and Buffer.swap64 is now 3.6x faster by using optimized CPU intrinsics instead of byte-by-byte swapping loops. js const buf = Buffer.alloc 64 1024 ; // Swap byte pairs in-place e.g., for UTF-16 encoding conversion buf.swap16 ; // Swap 8-byte chunks in-place e.g., for 64-bit integer endianness buf.swap64 ; | Operation | Before | After | Improvement | |---|---|---|---| | swap16 | 1.00 µs | 0.56 µs | 1.8x faster | | swap64 | 2.02 µs | 0.56 µs | 3.6x faster | Bun now matches or exceeds Node.js performance for all buffer swap operations. Fixed: Bun.stringWidth - grapheme breaking with GB9c Support fixed-bun-stringwidth-grapheme-breaking-with-gb9c-support Bun's grapheme breaking implementation has been upgraded to properly support Unicode's GB9c rule for Indic Conjunct Break. This means Devanagari and other Indic script conjuncts now correctly form single grapheme clusters. Previously, Indic conjunct sequences consonant + virama + consonant were incorrectly split into multiple grapheme clusters. Now Bun.stringWidth and other string operations handle these scripts correctly: // Devanagari conjuncts now correctly treated as single grapheme clusters Bun.stringWidth "क्ष" ; // Ka+Virama+Ssa → width 2 single cluster Bun.stringWidth "क्‍ष" ; // Ka+Virama+ZWJ+Ssa → width 2 single cluster Bun.stringWidth "क्क्क" ; // Ka+Virama+Ka+Virama+Ka → width 3 single cluster This update also reduces the internal table size from ~70KB to ~51KB while adding more comprehensive Unicode support. Next.js 16 Cache Components compatibility next-js-16-cache-components-compatibility Added the idleStart property to Timeout objects returned by setTimeout and setInterval , matching Node.js behavior. This property returns a monotonic timestamp in milliseconds representing when the timer was created or last rescheduled. This fixes compatibility with Next.js 16's Cache Components feature, which relies on this internal property to coordinate timers. js const timer = setTimeout = {}, 1000 ; console.log timer. idleStart ; // monotonic timestamp in ms clearTimeout timer ; replMode option for Bun.Transpiler replMode option for Bun.Transpiler A new replMode option for Bun.Transpiler transforms code for interactive REPL evaluation. This enables building a Node.js-compatible REPL using Bun.Transpiler with vm.runInContext for persistent variable scope. Key features: Variable hoisting : var / let / const declarations are hoisted outside the IIFE wrapper for persistence across REPL lines: Allows re-declaration in subsequent REPL inputs const → let conversion Expression result capture : Wraps the last expression for easy result extraction Object literal detection : Auto-detects {a: 1} as an object literal instead of a block statement Top-level await support : Automatically uses async IIFE wrappers when needed python import vm from "node:vm"; const transpiler = new Bun.Transpiler { loader: "tsx", replMode: true, } ; const context = vm.createContext { console, Promise } ; async function repl code: string { const transformed = transpiler.transformSync code ; const result = await vm.runInContext transformed, context ; return result.value; } // Variables persist across REPL lines await repl "var x = 10" ; // 10 await repl "x + 5" ; // 15 // Classes and functions are hoisted to the context await repl "class Counter {}" ; // class Counter await repl "new Counter " ; // Counter {} // Object literals are auto-detected await repl "{a: 1, b: 2}" ; // {a: 1, b: 2} // Top-level await works await repl "await Promise.resolve 42 " ; // 42 Increased Maximum HTTP Header Count increased-maximum-http-header-count The maximum number of HTTP headers allowed in requests and responses has been doubled from 100 to 200. This improves compatibility with services that send many headers, such as APIs with extensive metadata or proxies that append multiple forwarding headers. WebSocket URL Credentials Support websocket-url-credentials-support WebSocket connections now properly forward credentials embedded in URLs as Basic Authorization headers, matching Node.js behavior. When connecting to a WebSocket URL with embedded credentials like ws://user:pass@host , Bun now automatically extracts the credentials and sends them as a properly encoded Authorization: Basic header during the WebSocket upgrade handshake. js // Credentials are now automatically forwarded const ws = new WebSocket "ws://username:password@example.com/socket" ; // User-provided Authorization headers take precedence const ws2 = new WebSocket "ws://user:pass@example.com/socket", { headers: { Authorization: "Bearer custom-token", // This will be used instead }, } ; This fixes compatibility with services like Puppeteer connecting to remote browser instances e.g., Bright Data's scraping browser that require URL-based authentication. Faster JavaScript Built-ins faster-javascript-built-ins Bun v1.3.7 upgrades WebKit, bringing significant performance improvements to several JavaScript built-in methods: String methods: String.prototype.isWellFormed and String.prototype.toWellFormed are 5.2-5.4x faster using simdutf RegExp methods: RegExp.prototype Symbol.matchAll and RegExp.prototype Symbol.replace reimplemented in C++ S3 s3-contentencoding-option contentEncoding Option contentEncoding OptionBun's S3 client now supports setting the Content-Encoding header when uploading objects via .write and .writer methods. This is useful when uploading pre-compressed content to S3, allowing you to specify encodings like gzip , br Brotli , or deflate : js import { s3 } from "bun"; const file = s3.file "my-bucket/data.json.gz" ; // With .write await file.write compressedData, { contentEncoding: "gzip" } ; // With .writer const writer = file.writer { contentEncoding: "gzip" } ; writer.write compressedData ; await writer.end ; // With bucket.write const bucket = s3.bucket "my-bucket" ; await bucket.write "data.json.br", brotliData, { contentEncoding: "br" } ; bun:ffi now respects C INCLUDE PATH and LIBRARY PATH environment variables bun:ffi now respects C INCLUDE PATH and LIBRARY PATH environment variablesBun's built-in C compiler bun:ffi now respects the standard C INCLUDE PATH and LIBRARY PATH environment variables. This fixes compilation on NixOS and other systems that don't use standard FHS paths like /usr/include or /usr/lib . js import { cc } from "bun:ffi"; const { symbols: { hello }, } = cc { source: "./hello.c", symbols: { hello: { returns: "int", }, }, } ; // On NixOS, set C INCLUDE PATH and LIBRARY PATH to point to your Nix store paths // C INCLUDE PATH=/nix/store/.../include LIBRARY PATH=/nix/store/.../lib bun run hello.js Dependency updates dependency-updates - Bun now uses Mimalloc v3 for the natively-managed memory heap. This reduces memory usage in multi-threaded scenarios. Please let us know if you run into any increases in memory usage. - LOLHTML updated to v2.7.1 - TinyCC has been updated to the latest version, and we've implemented Windows ARM64 support. - BoringSSL has been updated. Bugfixes bugfixes Bundler bugfixes bundler-bugfixes - Fixed: CSS logical border-radius properties border-start-start-radius , border-start-end-radius , border-end-end-radius , border-end-start-radius being silently dropped by the CSS bundler. - Fixed: Bundler producing invalid JavaScript when minifying files with both default and named imports from the "bun" module e.g., import bun, { embeddedFiles } from "bun" due to missing semicolons between statements - Fixed: a panic in the bundler when using code splitting on Windows - Fixed: Bundler's module.exports = require redirect optimization being disabled when legal comments / ... / were present in wrapper modules like Express's index.js , resulting in unnecessary wrapper functions in the output - Fixed: Crash in bun build when using macros - Fixed: Bun.build hanging indefinitely when called from within a macro during bundling—now throws a clear error explaining the deadlock and suggesting Bun.spawnSync as a workaround. - Fixed: reactFastRefresh in bun.build now works with non-browser targets - Fixed: Bundler producing duplicate export statements when one entry point re-exports from another entry point with code splitting enabled. - Fixed: Bundler generating invalid import paths missing ./ prefix when a file imports from the same directory in code-split builds. - Fixed: Named Function Expressions Shadowing Outer Symbols bun build --compile bun build --compile - Fixed: Compiled binaries with autoloadBunfig: false incorrectly loading bunfig.toml when execArgv was also provided - Fixed: Native module export corruption when using bun build --compile with multiple NAPI modules on Linux, where the second module would incorrectly receive the first module's exports - Fixed: Standalone executables compiled with --compile-exec-argv incorrectly intercepting --version , -v , --help , and -h flags before user code could handle them, breaking CLI applications using libraries like Commander.js that define their own version and help commands - Fixed: Lazy-loaded chunks from dynamic imports not appearing in frontend.files when using --splitting with --compile in fullstack builds - Fixed: BUN OPTIONS environment variable not being applied as runtime options for standalone executables created with bun build --compile , which caused options like --bun to incorrectly appear in process.argv instead of being parsed as Bun runtime options. - Fixed: Incorrect offset calculations in single-file executables on non-ARM64 macOS platforms when codesigning was not enabled - Fixed a crash when running standalone executables with bytecode cache on Windows caused by incorrect bytecode alignment in PE sections. bun install bun install - Fixed: bun update --interactive not selecting packages when pressing 'l' to toggle between Target and Latest versions, causing the underline indicator to disappear and packages to be excluded when confirming - Fixed: bun install --yarn generating invalid yarn.lock files when using workspace: dependencies in monorepos - Fixed: bun install --frozen-lockfile incorrectly using the default npm registry instead of scope-specific registries configured in bunfig.toml when the lockfile had an empty registry URL for scoped packages e.g., @orgname/package . - Fixed: bun install now shows the dependency name in error messages when a file: path resolution fails due to a stale lockfile, instead of the misleading "Bun could not find a package.json file to install from" error. - Fixed: bun add crashing with "panic: Assertion failure: Expected metadata to be set" when HTTP requests fail before receiving response headers e.g., network connection refused, firewall blocking requests, or timeouts bun test bun test - Fixed: bun test --inspect now properly sends TestReporter.found , TestReporter.start , and TestReporter.end events to debugger clients that connect after test discovery has begun, enabling IDE integrations and debugging tools to receive real-time test execution telemetry without requiring --inspect-wait . - Fixed: assert.partialDeepStrictEqual incorrectly requiring exact equality for Map objects instead of checking if the expected Map is a subset of the actual Map - Fixed: jest.useRealTimers not properly removing the setTimeout.clock property, which broke React Testing Library and other libraries that detect fake timers using hasOwnProperty checks Bun.serve Bun.serve - Fixed: Exporting a Server instance from Bun.serve as the default export no longer causes a "Maximum call stack" error. Bun's entry point wrapper previously detected the fetch method on the running server and incorrectly tried to call Bun.serve on it again. - Fixed: Scripts that export globalThis e.g., module.exports = globalThis or export default globalThis no longer incorrectly trigger Bun's auto-serve detection and start a development server on port 3000 - Fixed: --no-clear-screen flag and BUN CONFIG NO CLEAR TERMINAL ON RELOAD environment variable not being respected during HMR reloads when using Bun.serve with hmr: true Bun Shell bun-shell - Fixed: ls -l in Bun's shell now correctly displays long listing format with file type, permissions, hard link count, UID, GID, size, modification time, and filename instead of showing the same output as ls without flags - Fixed: Crash in shell interpreter when an error occurred during initialization in certain cases - Fixed: $ ... .cwd "." , .cwd "" , and .cwd "./" in Bun shell causing ENOENT errors with paths ending in "undefined" when used in loops Bun APIs bun-apis - Fixed: Added missing stack overflow checks in Bun.JSONC.parse and Bun.TOML.parse node:http2 node:http2 - Fixed: HTTP/2 streams sending an extra empty DATA frame when using req.write data followed by req.end , which caused AWS ALB and other strict HTTP/2 servers to reject connections with NGHTTP2 FRAME SIZE ERROR - Fixed: initial stream window size to use DEFAULT WINDOW SIZE until SETTINGS ACK is received per RFC 7540 Section 6.5.1 - Fixed: HTTP/2 streams failing with NGHTTP2 PROTOCOL ERROR when connecting to Fauna - Fixed: gRPC requests failing with NGHTTP2 FRAME SIZE ERROR when servers advertise non-default maxFrameSize settings regression since v1.2.16 - Fixed: Settings validation using incorrect integer conversion that truncated large values - Improved: properly adjusts existing stream windows when INITIAL WINDOW SIZE setting changes - Improved: implements maxHeaderListSize checking per RFC 7540 Section 6.5.2 - Improved: tracks cumulative header list size using HPACK entry overhead - Improved; adds validation for customSettings option up to 10 custom settings, matching Node.js - Improved: validates setting IDs and values per RFC 7540 specifications Fetch API fetch-api - Fixed: Hypothetical crash when using HTTP proxy with redirects if the socket closes during redirect processing - Fixed: fetch mTLS incorrectly used the first client certificate for subsequent keepalive requests to the same host, ignoring per-request tls options - Fixed: Request.prototype.text incorrectly throwing "TypeError: undefined is not a function" in certain cases under load - Fixed: Request constructor ignoring cache and mode options - Fixed: NO PROXY environment variable not respecting port numbers e.g., NO PROXY=localhost:8080 would incorrectly bypass the proxy for all requests to localhost regardless of port node:fs node:fs - Fixed: realpathSync blocking indefinitely when called on a FIFO named pipe on POSIX systems - Fixed: Bun.Glob and fs.readdirSync with recursive: true failing to find files on bind-mounted filesystems, FUSE, NFS, and some ext4 configurations in Docker environments - Fixed: fs.Dirent.isFIFO incorrectly returning true for files on sshfs, NFS, and other remote filesystems that don't populate d type - Fixed: fs.watch on directories not emitting change events for file modifications on Linux. Previously, when watching a directory, files created after the watch was established would only emit a rename event on creation, but subsequent modifications would not emit change events. node:https & TLS node:https & TLS- Fixed: TLS options ca , cert , key , passphrase , ciphers , servername , secureOptions , rejectUnauthorized from agent.options and agent.connectOpts not being respected in the https module, improving compatibility with libraries like https-proxy-agent - Fixed: race condition where request.socket. secureEstablished could return false in HTTPS request handlers even after the TLS handshake had completed - Fixed: TLS v1.2 renegotation rejectUnauthorized option being incorrectly ignored in TLS socket setVerifyMode , which could cause certificate verification to behave unexpectedly during TLS renegotiation. node:http node:http - Request bodies in GET requests are now supported. - Fixed: Multipart uploads with form-data + node-fetch@2 + fs.createReadStream being truncated WebSocket websocket-ws ws ws - Fixed: handleProtocols option in ws WebSocketServer not correctly setting the selected protocol in WebSocket upgrade responses - Fixed: ws.once only working on the first call for each event type in the ws package Node-API NAPI node-api-napi - Fixed: crash in Node-API that caused corrupted data when using native modules like impit . The first issue occurred when property name strings were freed by the caller but Bun retained dangling pointers in the atom string table. The second issue occurred when extracting .buffer from an external buffer would prematurely free the backing data when the original Buffer was garbage collected. Streams streams - Fixed: ReadableStreamDefaultController.desiredSize throwing TypeError: null is not an object instead of returning null when accessing it after the stream has been detached during cleanup e.g., when piping a ReadableStream body to fetch and the downstream closes unexpectedly bun:sql MySQL bun:sql MySQL - Fixed: MySQL transactions hanging when executing sequential transactions in a loop where an INSERT is awaited inside the transaction callback and a SELECT query is returned as an array without being awaited - Fixed: MySQL VARCHAR/CHAR/TEXT columns with binary collations like utf8mb4 bin incorrectly returning Buffer instead of string Bun.Terminal Bun.Terminal - Fixed: Bun.Terminal callbacks data , exit , drain not being invoked when the terminal was created inside AsyncLocalStorage.run Memory Management memory-management - Fixed: Memory leak in YAML parser - Fixed: Memory leak when sockets are reused for reconnection common with MongoDB driver-like usage CLI & Tooling cli-tooling - Fixed: bun completions crashing with BrokenPipe error when piped to commands that close stdout early e.g., bun completions | true - Fixed: Fish shell autocompletion not working for bun update command and its flags like --global , --dry-run , --force - Fixed: bun init --minimal incorrectly creating Cursor rules files and CLAUDE.md when the --minimal flag should only create package.json and tsconfig.json - Fixed: bun