So, anybody using Bun? Does it live up to hype?
So the argument for using this over a regular stack trace is that they don't have to ship megabytes of debug symbols. However they have seemingly just ignored the better option of only including function names in the debug table, which is obviously a much nicer option than having to use a web service to view you stack trace.
This isn't just a theoretical solution either, it's already implemented in LLVM: https://clang.llvm.org/docs/UsersManual.html#cmdoption-gline...
"they have seemingly just ignored the better option...obviously much nicer"
This comes off a bit presumptuous. I would assume that they are aware this is a possibility.
"having to use a web service to view you stack trace"
This is just not a downside that matters for this usage scenario. It's almost the same story as minifying your frontend JS bundle, uploading source maps to Sentry, then using Sentry to view an unminified stack trace from a user's browser. The user was never going to view that stack trace anyway, and I am not bothered by having to use Sentry to view it - I never would have seen it at all otherwise.
The user was never going to view that stack trace anyway
Speak for yourself.
The ability to understand and affect what's going on in your own user agent is important not just to users having control over their own devices, it changes the social fabric. You can't get interested in how something works because to you it's an opaque blob whose priests have declared you unworthy. Curiosity suppressed. That's bad for the kids.
if you want that you can always just run the application with debug symbols, no?
The user is all too often not provided with debug symbols.
I am not bothered by having to use Sentry to view it
I am. And by source maps in general.
On the note of awareness of possibilities vs ignorance, I found this thread on HN to be gold: https://news.ycombinator.com/item?id=37592471
The creator of Vue pointed out a new feature for Svelte was a similar feature that Vue had tried and discarded. The creator of Svelte showed up to explain their position; I thought their exchange was illuminating. I was also impressed by Vue's research & experimentation.
This comes off a bit presumptuous. I would assume that they are aware this is a possibility.
They don't present it here, they justify their solution by claiming that the existing solution is bad because it includes several megabytes of debug symbols.
If you criticize something where you have no context, were not part of the discussions and aware of the trade offs that were made it comes across a bit arrogant to say they should “obviously” “just” do something else.
There’s other ways to suggest an alternative solution.
Maybe it comes off that way a bit, but I can only go off what's in the blog post where they begin by calling the existing solution bloated in order to justify their new solution without ever mentioning that the debug table contains much more than just function names and line number mappings.
I do think it should be obvious that displaying text directly in the console is better than relying on a web service to display that same text.
Another option on macOS/iOS is to ship just the LC_FUNCTION_STARTS section in the Mach-O binary. This is how symbolication can discover function names from system libraries even without full debug symbols on those platforms.
These can still be large. I generally include them unconditionally because I think they bring value but most software does not.
the argument for using this over a regular stack trace is that they don't have to ship megabytes of debug symbols
No, it’s because almost nobody has enough patience to upload a crash report for a GitHub issue. It has to be easy. Making it a URL that autofills the form with almost everything we need makes it easy. The size matters too, we didn’t want it to have downsides for our users, but the important thing is making this whole process really easy for the user so that enough developers actually upload crash reports.
Unpopular opinion …
Please use the same TLD for all your services.
Don’t do: Bun.sh, and now Bun.report
It’s confusing for users and also a security vector.
Just make it report.bun.sh
I don't know if it's unpopular. That's literally how domains are designed to function and have done by and large for decades
I think marketing folks like to send emails from a different domain so they can send transactional and marketing emails from different domains altogether (not just subdomains). Not sure if this is evidence based or just plain voo doo / monkey-see-monkey-do but I’ve read this in multiple places. But of course, that doesn’t apply here.
The obvious long-term solution is to obtain the .bun gTLD in the next round of applications (expected 2026)
there have been discussions about this
Another vote for same TLD. I’d dare say this should be the default position for everything (except toy projects).
Did you know that bun needs to download 37 packages before the repl becomes available? No internet no repl for you.
PS C:\Users\anon> bun repl
bun-repl [6/6]
error: FailedToOpenSocket downloading package manifest bun-repl
error: bun-repl@latest failed to resolve
Not a big deal, but I was expecting (and frankly excited) to have a single no-install executable to drop in my PATH and have it just work!We haven’t prioritized implementing a repl yet. The current repl is a community-implemented bun-repl npm package. `bun repl` internally does the equivalent of `bunx bun-repl`
Sounds like a security nightmare.
Does `bun foobar` translate to `bunx bun-foobar` as well?
Does `bun foobar` translate to `bunx bun-foobar` as well?
No.
Microsoft is really good at this BTW. At SQL Server we had mini dumps they were tiny stripped out of personal info and incredibly useful. And a full dump of a production SQL Server even at that time (15 years ago) would be a huge file - too big to move around.
Curious - was this for Microsoft internal services or customer deployments? If the latter, how did they know what was PII?
I believe you had to opt in and it has some legal language before it. All the data pages were stripped and SQL Servers stores all data in the buffer pool. But of course you could find some stuff on the stack and other caches.
Possibly this was used MiniDumpFilterTriage (from https://learn.microsoft.com/en-us/windows/win32/api/minidump...) and some of other stripping/scrubbing data fields.
This one fills all non-null ptr in the callstack (and other areas?) with 0xAAAAAAAA
I actually had to fix this for us two weeks ago, as our internal tools were crashing on the CI with this, and it wasn't helpful (to us), but at the same time understand how important is for this if shipped to external customers.
Crashdumps are underrated field that needs more eyes to solve the big data problem there.
I just cannot get excited for this VC funded experimental piece of technology. 10 years ago, maybe. Node.js is not going anywhere anytime soon.
They used to say "perl is not going anywhere", too, and it turns out they were right.
Turns out a full rewrite turns people away.
Still plenty of UNIX admins keep using Perl 5.
Python and PHP weren't VC-funded projects.
Bun is amazing, but I recently tried to make an http/2 server through fastify and was not able to:
user@host:~/d/temp/server$ bun run index_fastify.js
14 | warned.add(feature), console.warn(new NotImplementedError(feature, issue));
15 | }, $;
16 |
17 | class NotImplementedError extends Error {
18 | code;
19 | constructor(feature, issue) {
^
NotImplementedError: node:http2 createServer is not yet implemented in Bun. Track the status & thumbs up the issue: https://github.com/oven-sh/bun/issues/887
code: "ERR_NOT_IMPLEMENTED"
at new NotImplementedError (internal:shared:19:27)
at internal:shared:2:69
at node:http2:48:53
at getServerInstance (/Users/user/d/temp/server/node_modules/fastify/lib/server.js:342:16)
at createServer (/Users/user/d/temp/server/node_modules/fastify/lib/server.js:25:18)
at fastify (/Users/user/d/temp/server/node_modules/fastify/fastify.js:198:30)
at /Users/user/d/temp/server/index_fastify.js:4:13
The linked issue is actually about implementing support for http/2 clients, which was already released in v1.0.13 (https://bun.sh/blog/bun-v1.0.13#http2-client-support). The NotImplementedError message should be updated to point to the issue for the server variant: https://github.com/oven-sh/bun/issues/8823Implementing http/2 server support is in the top few feature requests (https://github.com/oven-sh/bun/issues?q=is%3Aissue+is%3Aopen...). It looks like once they ship this, a lot more people will be able to move over to Bun.
That's just the status of Bun. Wait for implementations -> turns out you need more implementations of other APIs once that's done -> wait some more -> it comes out but will crash at various edge cases -> wait some more -> repeat. Bun is just too early in its lifecycle. Very hopeful for the project though!
Yes, but http2 is one of the few features Bun is missing. Overall it's pretty complete.
Bun seems really compelling. I tried it out for a couple of small example projects and I like the speed and the fact that it combines package management and a JS runtime. However, I use Dependabot on most of my serious projects. I know work is under way, or at least there is some discussion in a couple of repo issues, for Bun support in Dependabot. I'm kind of holding off on using it until support for it has been rolled out.
We had the same reticence about Dependabot missing before we made the switch, but realised Renovate works with Bun and is a good enough stand in for now until support arrives.
Absolutely zero regrets, the cumulative savings across everything that is faster and the massive step up in DX is worthy of the hype.
This is great. Very creative. Many should copy this scheme. The key is the relative-to-executable/shared object base stack trace program counters.
bun is statically linked, yes? In a dynamically linked system one would need to prefix every normalized program counter with a small numeric shared object ID.
It's not really anything new. Very common in environments where you can't ship symbols such as games crashing on player's computers.
For example, the Unreal Engine crash reporter has been capable of sending such a simple format for many years. You can restore a reasonably accurate function/line number from it for each stack frame.
Though minidump is usually preferred as having the stack variables can give additional hints to what happened.
A lot of people trash about bun, but I think that they are highly motivated people bringing a lot to the table.
Having VCs kind of forces that motivation on you, for better or worse.
That's why in Bun v1.1.5, I wrote a compact new format for Zig and C++ crash reports.
why did the author use the pronoun I instead of we? isn't it a team work and there is no I in team as they say?
We are a team, but Dave wrote the code for this project so "I" makes sense
I feel like this post was a great case study of Zig. Interesting!
This is awesome. Great work Bun team
This is crazy. Amazing work!
Does debug fission not work? Microsoft uses it extensively including having a shared PDB server.
Few people would notice how much attention was put into it. Love it, really tells how much the folks behind bun care about their craft
After years following bun, (seen first tweets about from zig) have recently started using it. Stuff just works without any hassle! Thank you
TIL: Bun runs on Windows and can be installed with scoop.
Linux: Use dl_iterate_phdr to iterate over the loaded modules, once you find one that the raw address is contained in, .dlpi_addr on the dl_phdr_info struct will be the base address.
Er, just use `dladdr()`.
This guy ships
Strange that it doesn’t include some random bytes so the same report can’t be submitted many times. Does it just assume the base memory address is random enough?
Started using it as soon as they hit 1.0 and never looked back, we’re implementing it in every project now.
Bun + uwebsocket cut my server costs and requirements significantly for my websocket app. It's a real delight to work with.
Do you use uwebsocket with Bun explicitly? I thought Bun has websocket support built in by internally using uwebsockets?
Yes, Bun uses uWebSocket internally. I think OP was saying the perf gain comes from the combination of Bun + uWebSocket. For http, most of that is coming from uWS, which is pretty much best performing HTTP framework out there ime.
https://github.com/oven-sh/bun/blob/main/src/http.zig#L34
How did it cut your server costs - increased performance and therefore reduced load?
Bun looks quite promising, but I've heard mixed feedback on it being a "drop in" replacement of node. Any experience with that aspect?
Perf gain mostly from uwebsocket is what it looks like.
It’s good unless you want a repl (they pretend to have one but it’s miserable: >6s latency all the time when it updates), or you plan to use any native modules. The error messages are also significantly worse than node’s. I used it for a bit, but node with ‘—loader tsx’ does everything I want nowadays with none of the downside. If I was building a simple server, perhaps with websockets, and I was sure it need native modules, I’d consider using Bun. I have several such services live now actually.
I too would use it if the REPL worked properly. JS developers are often used to working interactively - the browser/console workflow - and have come to rely on testing ideas or problems / solutions in the REPL interactively.
It's efficient, as you can test and narrow things down in isolation and figure out what is working or not-working very quickly. It's also a good way to try a new module, and this is reflected in docs that eg, use node's REPL as a demo.
One bizarre problem with bun's REPL at the moment, which can be quite the unexpected "gotcha", is the REPL itself seems to be cached, and it goes stale. It actually expects to be able to update itself online every day or so, or it breaks!
Yeah, well cool - unless you ever work offline. Eg, had you expected to work on a long flight and now half your dev workflow was broken, for no good reason. (And unfortunately bun's "--prefer-offline" flag had no effect.)
I don't want to criticise bun too much - it is incredibly fast, and has made other significant workflow enhancements.
But a REPL is a dealbreaker for some of us. I guess it's similar to hot code-reloading in compiled languages, you don't go back to the minutes-long compile-wait cycle for the kinds of problems that kind of workflow makes instantaneous.
Currently, the REPL is an alias of `bunx bun-repl`, and bun-repl is a community-maintained npm package. We haven't had the time to do our own REPL. Honestly, we really need to hire more engineers. We're a small team and there's so much to do
I have not used it in production yet, but it's been great for one-off scripts and side projects. Setting up a TypeScript Node environment with ts-node, ts-jest, ESM support, top level await, etc. is more annoying than it should be. More recent Node releases have alleviated some of this pain, but not as trivial as running bun init.
I've enjoyed using the bun shell [1] API.
[1] https://bun.sh/blog/the-bun-shell
Ohh bun shell looks interesting. I was looking at zx[1] for some frontend pipeline scripting tasks that were just beyond maintainable bash, but maybe I'll give bun shell a go.
[1] https://github.com/google/zx
Bun shell has less features than zx or dax https://github.com/dsherret/dax. I tried it out but had to change tooling.
oh yeah, it's amazing! The speed is great but just the DX is so much nicer than npm, yarn, or node itself. It took us a few tries to getting it working for our prod environments, but nothing we couldn't figure out within the same day.
I thought having a binary for a lock file was weird (don't know the technical reasons behind it besides maybe speed) but after using it for months now, it never has caused an issue for us.
Thanks for the feedback. What kind of product are you using it for? Any issues with library compatibility?
using it on all my side projects, some of which made it to production. some of which had lots of dependencies in the past and seamlessly switched over
one employer/client has a big project I'm afraid to attempt changing anything on, but I wonder
The Bun libraries made it very easy to create my own static site generator. Not a huge lift, I know, but it’s been a delight to work with.
It has been extremely fun to use for personal projects. There are still some things that just do not work, though, like brotli compression which means any library using axios with their default brotli compression setting will crash at runtime. There is also no equivalent to the `npm outdated` command and a few other niceties. It is always little unexpected things, so it would be difficult to recommend for production uses just yet, but things are improving rapidly and I could see it becoming stable enough very soon. The APIs it exposes are so awesome—like giving node an excellent standard library—and the fact that I don’t need a compile step to execute TypeScript code makes it easier to get up and running with Bun than without it. Highly recommend trying for non-production work!
Pretty awesome, but I hope they get the node:crypto module to 100% soon.
I'm using it for my programming language (~15kLOC) as a dev and test runner and haven't had any Bun specific issues so far.
It still surprises me with its instant startup.
Been using it recently and it’s great, the quality of life stuff is really nice (like, not having to worry about compiling TS) and it’s really fast. Some things are still missing though, but for me it’s already better than Node
It’s super fast and nice. But I can’t bring myself to use it with anything other than side projects because of the VC funding model.